Slashdot Mirror
Employers Logging Keystrokes-What Can You Do?
"I live under the assumption that my employer cannot tap my telephone or open mail delivered by the US postal service and that I have the right to free speech under the constitution. Why is my E-mail and my very keystrokes on the computer any different? Please remember my work does not involve national security. Also, since this policy was not in effect when I started my employment what are my rights if I refuse to agree with the conditions and log off?"
What does one do (aside from up and quit) when you discover that your employer is spying on you -- by any method? I can understand an employer wanting to know what his employees are doing, but there is a line somewhere they shouldn't be able to cross (employees have rights, too). Where that line is, however, is anyone's guess.
If you work for the Department of Defense, it is required by regulation that you have a 'warning' banner that is displayed when you log onto the machine's console, or by the service when you access it via the network.
As you mentioned, they require it to prove to a federal judge that a cracker did know the system they had accessed was a government system, otherwise it's a state/local/civil case. It is also notification to the user that anything they do can potentially be monitored (btw, the phones also usually also have stickers saying that they can be monitored at any time); while I don't know of any keyboard monitoring going on, I know that website traffic is being logged, and messages going through the 'offical' e-mail servers is subjected to a keyword search. What can be captured, the methods for capturing, and who has access to that information is strictly controlled (at least in my experience).
If you're getting that Fed paycheck, and you don't like what's going on, walk to the commercial side, where it's becoming endemic and doesn't have any regulation at all.
Anyway, my two cents. I think I'll go look up the CPSR and other like-minded groups now and see if anybody's got a sysadmin code of ethics. :) Try SAGE which has an excellent code of ethics (if you really want the SAGE site instead it's http://www.usenix.org/sage/
Agreed. Your employer owns the resources, not you, so they can do pretty much anything they want with them. If you don't like it, you're welcome to go work somewhere else.
This is starting to become a big problem at certain facilities of a large computer maker that were once part of another large computer maker. Since they put censorware on the firewall, started drug testing employees and implemented certain other onerous policies, a big exodus has started here.
They think they can improve morale and make this a fun place to work by building us a game room with billiards, air hockey, foosball tables, etc., etc. but the damage has already been done and a lot of good people are bailing out.
I haven't left yet, but I'm interviewing. :-)
Sad. This used to be a fun place to work.
Posting anonymously for obvious reasons...
Well, there is something your employeer can do about it -- fire you. I imagine any environment that is logging keystrokes would also have policies that would prohibit you from connecting unauthorized equipment to the phone system.
I've worked in far less facist environments, and still analog jacks were near impossible to get installed, and almost never in a cubicle or office. Furthermore, fax machines were mandated to be in public areas. (You can however, get an analog adapter for most PBX systems.)
"Freedom of Speech" and the like in the US Constitution are only protected from infringement from the government, "Congress shall pass no law ... prohibiting the free exercise of..." Of course, this doesn't take into account the PR side and people whining on the local news how some place is infringing their freedom of speech or whatever. Fact is McDonald's can fire you for running an "McDonald's sucks ass" web site in your free time, no matter how good an employee you are while you are there.
What you need to do is go to this web site called Slashdot, click the submit story link on the left, and cry to them. That community is known for being a shoulder to cry on.
Oh wait, maybe you already did.
Yeah! How dare they? They pay you to do work, it's not fair that they actually check up on ya! It's not like Secret Service agents are expected to keep ahold of their weapons (Chicago, female guard for Mrs. Clinton loses her purse in a bar), or your laptops (who hasn't heard this story by now?). So what if they want to improve security if it bothers you, they should stop. Better yet, they should only give these rules to people that matter. Yeah, that way lowly folks are still able to sell papers on eBay. No rules should be applied to all government employees, contractors, etc. That's just, like, so unfair. It's not like you can find a job anywhere else if the business practices bother you. The business needs to conform to your standards, not the other way around!
Of course, when they confront you for typing "I like kiddie porn" over and over then emailing yourself that for six weeks straight, just defend yourself as our fine Democrat party does of the best President in the history of the universe. 1) Ask your acusers, "What's your definition of keystroke?" 2) Tell them, "There's only eight months left in this administration, why are you bothering prosecuting me? Just let sleeping dogs lie." 3) Go in front of Congress when they bring hearings against you and tell them, "Asking me about my kiddie porn habits doesn't feed a single child, give shelter to homeless, save social security for mopes who can't save themselves, or give justice to African American or Hispanic children. You people need to do some real work, not investigate kiddie porn emails." 4) Go on the Today show, Good Morning America, Oprah, anything else you can, and talk of a "vast right-wing conspiracy" that has been trying to get you since 1992. And finally 5) Take the job as a limo driver in Washington when they offer it to you.
Not far to the Snowcrash vision of U.S. gov I guess. =)
As many posters have already pointed out, companies can do whatever monitoring they like of your work habits. If they don't like what they see, they can fire you. Is this right? maybe. If they do it, are they assholes? You bet! Unemployment is at a 30 year low. Companies will even hire older workers these days. If some outfit is doing this, quit. I wouldn't hesitate to. Life is too short to squander.
Wansu, th' chinese sailor
#!/usr/bin/perl
sub getWord() {
my ($number) = @_;
my $answer;
open DICT, "/usr/dict/words";
while($number--) {
$answer = ;
}
return $answer;
}
open TERMINAL, "/dev/pttyN";
while(true) {
sleep 10;
print TERMINAL (getWord(random()));
}
close TERMINAL;
sigs are a waste of space
Can the gov't make you give up your PGP keys even if you're e-mailing a friend from work with it?
Fialar
Usually not weapons, but certainly research with military applications. A few example of DOE projects:
"Flame away, I wear asbestos underwear"
What gives you the impression these (tapping phone and opening US mail) aren't going to happen? It is routine at many companies to do both, including the one I work at. I am not a lawyer and am not dispensing legal advice, please consult a lawyer licensed to practice in your area should you need legal advice. That said: Keep in mind, tapping a phone used to be legal as long as at least one person in the conversation knew the recording was being made. I don't know what the law is on this now.
"Flame away, I wear asbestos underwear"
We were told that this was to allow system logs and similar to be admissible in the prosecution of crackers.
I know we keep short-term logs of what passes through the proxy servers, but we are (amusingly) under orders from higher up to NOT check the logs for sites visited.
See, your boss probably doesn't want to be monitored either...
-- perl -e'print pack"H*","6e656d6f406d38792e6f7267"'
It matters not that you are doing weapons research. It matters not that you are checking an email from you girlfriend/boyfriend. When DOE is involved, the courts hardly matter. There are very few people in this country who are going to give a flying fsck about your privacy as soon as someone mentions nukes.
Yes, but there are DOE-funded labs that do no weapons research, and indeed no secret research whatsoever. Fermi National Accelerator Lab comes to mind as an example. They have no nuclear secrets to protect.
Make me aerodynamic in the evening air
This may be naive, but I gather that military research (atomic bombs, I suppose) is carried by the Department of Energy instead of Defense.
Why? Is it an accounting trick to say "We reduced our military expenses"?
I suppose that the FDA is researching "methanol engines" just to balance. All in all, methanol is sort of a drug.
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
Wasn't that how the whole ruckus with the last DoE employee allegedly releasing sensitive material happened? Didn't he allegedly transfer said material in his laptop?
IMHO (and IANAL) I don't see why the DoE would allow employees to even bring a laptop into work. I know you're not handling sensitive information, but from what I've seen, they're very low on tolerance and high on suspicion there.
Droit devant soi on ne peut pas aller bien loin...
Droit devant soi on ne peut pas aller bien loin...
Straight ahead of him, nobody can go very far... -- Le P
I worked for DOE in 1994-1995. THose headers were
required then and were supposed to be on all computers from 1990 or so onward. A lot of sysadmins didnt put them up for the usual "Hey this violates my rights.". Well the problem is that you are working for the agency that deals a LOT in nuclear weapons, national secrets, and other things that the US feels doesnt need to be seen by everyone.
That was your choice in going there. You can make protests (LANL scientists did one day strikes over enforcing the computer rules in 1999.. but went to work after that), but other than symbolism your only effective way of changing a lot of the rules is get a majority of Congress to pass repeals of rules that govern what you can and can not do in labs even remotely related to National Secrets.
90% of the time people will whine around the coffee pot, but dont put their feet into action.
Good Luck
Stephen Smoogen
-- SJS smooge at smoogespace dot com
You work for them! They should be able to hold you accountable for everything you do while at work. You say that you think you have the write to have regular mail go by without interception... If they wanted to look at office communication to/from you, they could legitimately do so.
Now, if they tried to extend this to (non-DOE) computers/accounts that you use when you aren't at work, then of course that's Bad. But anything you do at work should be monitorable.
The fact of the matter is, you don't _have_ to be warned about it with a logon banner every time you log on. If you missed that meeting where they handed out this year's policy book, or your's is sitting in the bottom of your drawer, or there's a central repository of documents at your company....or even if none of this exists, the legal precenent is that employers have every right to invade every "privacy" you think you have at work. Basically, when it comes down to it, you have no provacy at work.
This space for rent. Call 1-800-STEAK4U
This notice is standard DOD procedure. In fact any DOD organization that does not post this during login or on a visible portion of a computer is subject to disciplinary action. I know you said you are in the DOE, but I'm sure that notice should have been there before the incident. The wording is almost the exact same one I had to display at login on DOD boxes. I'm not sure of the legality side of this, but they do own the machines, and if you are doing your job on that machine (instead of personal stuff), you don't have any privacy issue to worry about, because whatever you do is what they are paying you for.
Not only can the monitor your email (which is the property of the company) they can convict and fire you for what you say in that email. Many people have lost their jobs over situations where employees think that they can get away with something through their "secret" email contacts. I had a class about law and computing. Don't try to dispute it. It's the law and I think it is an ok one so long as it doesn't go too far... Leimy
No conflict. Check court cases. You'll see who owns your email. The network you broadcast email on is an owner so if it is on a LAN or on a mainframe on a LAN or on a company machine, you don't own your email...
I have been in long debates over this.... Trust me. I had computer ethics classes.
Leimy
They don't have to warn you at all. Any email sent from the company network is company property. Many people have lost their jobs as companies hire Email detectives to find dirt on their people.
It has prevented a lot of business espionage from happening in the past and those who get caught get fired.
Leimy
"I live under the assumption that my employer cannot tap my telephone or open mail delivered by the US postal service and that I have the right to free speech under the constitution.
Correct. However, I would suppose that this only applies outside of your workplace. No one can (legally) open mail that goes to your house or tap your home phone (although, apparently the FBI can get a court order and do this--this is wrong IMO). Since your employer owns the telephone and computer in your office and you make a contract to work for them, they can monitor you. I think you could look at it as if they were allowing you to use their equipment and have an agreement on what you can and cannot use it for.
Why is my E-mail and my very keystrokes on the computer any different? Please remember my work does not involve national security.
I don't think it really matters. I think that any employer (private or public) can make agreements on what their employees can and cannot do at work.
Also, since this policy was not in effect when I started my employment what are my rights if I refuse to agree with the conditions and log off?"
Now, this is an excellent question that I don't have an answer to at all. I assume that those "you agree so long as you have read this" things are actually binding; otherwise, all those software licenses would be void.
What cracks me up about this warning to Log Off Immediately (yadda yadda) is that for Unix-like machines, this message is delivered by /etc/issue before you've even logged _on_.
I suppose that's to be expected in these days of "Log onto our website at www.duhhhh.com"
Learn to spell: nickel, missile, lose, solely, amendment, speech, kernel, probably, ridiculous, deity, hierarchy, versus
I've worked as a systems administrator, too. In my first such job, I worked for an academic institution, and there was no policy about emails and such. Internet wasn't so hot, yet. It was mostly used by academics. But even then, should there have been policies about email usage, monitoring emails would've been the last thing I'd had time for. I read other people's emails when they came complaining about email not working. And I read the headers only, because I didn't need any more to work with.
Later on, I've come to the conclusion that systems administrators, even when allowed by the managers, don't have time to read other peoples email. There is work to do, and unless monitoring email is on high priority (in which case there are people whose job it is, who really don't do any technical administration), nobody is going to care. Yes, I've seen logs from web proxies - lots of *xxx*.com sites. Then the company established policies regarding surfing the web, and added blocklists to the proxies. Not just about porn, but eg. games-sites (young employees means playstation.com is high on the list). Some manager checked weekly log reports about which domains were hit most often, and added sites to blocklists.
But the main point is, unless there are huge resources for just monitoring people, nobody is going to have time to do it. OK, some weekly reports about domains most hit by browsers or email, something like that. And when there are problems (eg. administrators get virus warnings from email scanning subsystem), more close monitoring of single events.
I challenge anyone to tell that they really have worked in a position where they have really monitored people's doing, not because of something not working or alike, but just because a) they can or b) they're required to do it.
>> The government of the United States may be an employer, but it is a public employer, not a private one. Thus, I can't see any reason why it shouldn't have to obey the Constitution, especially the fourth Amendment.
They're not searching and seizing anything they don't own. It's their computer, their network, and you're there on your dime. If it was your computer, your network, your time, and they're tapping into it, that's where the 4th ammendment comes into play.
>> And why shouldn't a private employer be held to the Constitution also? They are located in America; shouldn't they have to play by the same rules as everybody else? Something is really wrong here.
Yes, your grasp of the constitution is wrong here. The bill of rights is specifically set up to limit the rights of the _government_, not individuals or businesses. Limits to the rights of businesses and individuals are made by laws, not by the bill of rights.
If you don't like an employer's policy that IS legal, you have the right to leave. You can find another employer, or go into work for yourself. You can start a company, hire employees, and then decide if you want to give them free reign to do whatever they want from the computers and networks you own, on your dime. (Hmm. Angry employee launches a DOS or crack attempt from your network and you didn't do anything about it or even have a system in place to catch it? What how fast your butt gets sued and you're out of business. Disgruntled employee sends trade secrets to your rivals? Your rivals flourish, your business goes under.) Boy, it's completely unethical for these businesses to want to know what you are doing while you're being paid to work for them on their computers and their networks!
I agree. Its obvious that its legal, and it has stood up in courts. I'm not sure why this is on "Ask Slashdot" because there isn't he can do.
/. forum might be more normal I guess (oh well, who cares really - now that I think about it, I don't). His work falls under the DoE. What does he expect? If spy on employees is legal at IBM, why wouldn't you expect this at the DoE? Its not his equipment, and its not his time. Its our tax-dollars and I'm kinda glad that security is a strong concern of the supervisors there - but then I'm a security freak. Would I want to work their? No, probably not. Being watched sounds really icky, but its legally backed. It may be morally ambiguous, but legally, as you said, it is not.
If they want to raise a general discussion about whether this is right or wrong a regular
Lately, the courts have ruled that this also includes emails sent from government computers. Imagine not only having your employer able to snoop your email, but having it possible for any reporter with an axe to grind scan it for anything suspicious.
Let me tell you, in Sweden, you want to be working for the military. At least, they'll keep whatever info they gain to themselves.
---
Paranoia is simply reality on a finer scale.
It's called 10 kg weapons grade plutonium, produced from any 'breeder' reactor.
Most Americans don't realize that smallpox killed off upto 90% of the non-euorpean population from 1492 to the early 15 hundreds. Sure it wasn't intentional but it was more effective than anything else unleashed on a population before, since?
A company I worked for once decided to install LittleBrother to track everyone's web usage. Needless to say I didn't like this. The first thing I did was change my netscape startup page to something like 'http://www.company.com/likes/to/spy/on/their/empl oyees.html'..
:) ).. under LittleBrother, this is quite effective, because it creates pretty little bar charts that shows how many 'illegal' requests you have made, in _proportion_ to 'legal' requests, therefore upping your 'legal' requests has a big impact..
:)
(this was before they had mentioned it to the employees, I just wanted them to know I had found out their little secret)
Well, after that little bit of rather juvenile defiance, I got down to serious business. Luckily I ran Slackware at work. I created a perl program that would randomly generate 'legal' web requests (about 5-10 an hour, with a break for lunch
I've still got the program, should anyone want a copy..
Oh, and I also started doing all my illicit web browsing through an ssh encrypted session..
Praise the Force Field! Praise the Laser Project! Slackware Loon #19830573
Why not make a graphical keyboard application and then they would have to record mouse clicks..
:)
:)
I don't know where windows would capture the keystroke? Keyboard driver, or GUI widget inputs?
If its keyboard driver, then mouse clicks would fix the situation..
Or just install linux.
The web tracking is a different problem.
One more thing--someone mentioned workers protesting security measures at Los Alamos. They were very correct--the most effective solution here when dealing with the gov't or a corporation is to organize and protest. Organized Labor--it's worked before.
"Do what you're being paid to do, and nothing else, and you have no reason to be paranoid."
Whoo... Comments like this make me paranoid. As far as I understand, these kind of "Big brother is watching you" things are legal in the US. I'm glad I live in the Netherlands. Here, spying on employees is considered a bad thing.
In the Netherlands there was great controversy about placing security camara's in public places (mostly in city centre's with large amounts of bars in the neighborhood). They even created special privacy rules for police officers that were watching the pictures.
I do understand that employers want to know what their employees are doing, but I believe spying on them is not a good way to increase their productivty. Giving employees a bit of responsibility works usually better than treating them as bad guys on forehand.
... so I do a scan of /home looking for core files. Delete a couple of them. Helps a bit, but still very full. OK, scan for the biggest files...
(readable only by the owner - at least the boss had HALF a clue...)Er, right... OK... This is the boss that asked me to make space, OK... how to be tactful about this? Hmm, OK, how about I just "du /home | sort -n -r | head | mail -s 'these are the biggest directories on /home - please tidy them up' allstaff"...
Interestingly enough, the largest directory was now called ~name-of-boss/p/m/. The largest file was still ~name-of-boss/p/m/fisting.mpg...
I figured, what the hell, delete a couple of them, 20% of disk space restored, let's see if he's going to ask me to restore THEM from a backup! :-)
And NO, I'm not going to name the boss, or even the company that I used to work for then... :-p
Nick Waterman, Sr Tech Director, #include <stddisclaimer>
I do contract work for the US Military, and we see a very similar message every time we log onto one of the servers. It reads:
THIS IS A DEPARTMENT OF DEFENSE COMPUTER SYSTEM. THIS COMPUTER
SYSTEM, INCLUDING ALL RELATED EQUIPMENT, NETWORKS AND NETWORK DEVICES
(SPECIFICALLY INCLUDING INTERNET ACCESS), ARE PROVIDED ONLY FOR
AUTHORIZED U.S. GOVERNMENT USE. DOD COMPUTER SYSTEMS MAY BE
MONITORED FOR ALL LAWFUL PURPOSES, INCLUDING TO ENSURE THAT THEIR USE
IS AUTHORIZED, FOR MANAGEMENT OF THE SYSTEM, TO FACILITATE PROTECTION
AGAINST UNAUTHORIZED ACCESS, AND TO VERIFY SECURITY PROCEDURES,
SURVIVABILITY AND OPERATIONAL SECURITY. MONITORING INCLUDES ACTIVE
ATTACKS BY AUTHORIZED DOD ENTITIES TO TEST OR VERIFY THE SECURITY OF
THIS SYSTEM. DURING MONITORING, INFORMATION MAY BE EXAMINED,
RECORDED, COPIED AND USED FOR AUTHORIZED PURPOSES. ALL INFORMATION,
INCLUDING PERSONAL INFORMATION, PLACED ON OR SENT OVER THIS SYSTEM MAY
BE MONITORED.
USE OF THIS DOD COMPUTER SYSTEM, AUTHORIZED OR UNAUTHORIZED,
CONSTITUTES CONSENT TO MONITORING OF THIS SYSTEM. UNAUTHORIZED USE
MAY SUBJECT YOU TO CRIMINAL PROSECUTION. EVIDENCE OF UNAUTHORIZED USE
COLLECTED DURING MONITORING MAY BE USED FOR ADMINISTRATIVE, CRIMINAL
OR OTHER ADVERSE ACTION. USE OF THIS SYSTEM CONSTITUTES CONSENT TO
MONITORING FOR THESE PURPOSES.
I figure that this is just part of my job, like the nosy background check I had to go through. As long as I am doing my job, I should have nothing to worry about. (My $0.02)
Time to bring a laptop...
-- The Funk, The Whole Funk, And Nothing But The Funk
> I've worked in far less facist environments,
That's fascist.
I saw an angry Cuban holding up a "facist"
sign the day after the Elian raid and it
made me giggle...
-- The Funk, The Whole Funk, And Nothing But The Funk
This post is a joke, right? (Sometimes I'm slow in recognizing net humor). For fun, let's pretend you were serious:
...the whole concept of war is completely fucking STUPID!!!
...if people weren't so filled with hatred for fellow man, and had compassion and love, then this world would be a better place.
NOBODY should have the power to develop nuclear weapons!
You're six decades too late, I'm afraid. The Germans began developing nuclear weapons in the late 1930s, and the U.S. and U.K. and U.S.S.R. started very soon afterwards.
I'll play devil's advocate and argue that the half century of relative peace in the world among the superpowers (no instances of "total war") is a direct result of deterrance. I know this will be hard for you to swallow, but in the context of preventing conflict nuclear weapons have actually saved lives and have reduced human suffering.
Now stop living in the dream world, Neo, and come to the real world. Nuclear weapons exist. Many nations have them. Many nations want them. No nation (except South Africa) has ever willingly dismantled and destroyed its entire stockpile. Talk of love and peace and "let's all hold hands and sing" is quaintly antiquated, and not even a remotely practical way to solve the problem.
You remind me of some of my former students, "Our having to learn this electromagnetic theory is stupid!" They didn't persuade me then, and I'm afraid that you don't persuade me now.
Clauswitz wrote of war that the threat of war and the resolve to go to war to settle a conflict is vital to a nation's being able to conduct foreign policy. I suggest you get used to the concept of war; it has been around for a very long time, and it does not appear to be going away anytime soon.
I think you would find that most citizens of ANY country would prefer to have peaceful relations with other countries than be at war.
The United Nations, arguably the largest representitive body in the world, continually sends out troops to "keep the peace" in places. Sometimes "keeping the peace" results in wars being fought by these same troops. I would argue that sometimes when the cause is sufficiently important most people would prefer war to passivity. To say "let's all get along with one another and not fight" is impractical when the opposing side does not share the same distaste for conflict, or when the cost of human suffering resulting from not fighting is too great.
Agreed. Now just how do you intend to carry this out? (And what exactly does this have to do with stopping Hitler?) Again, I suggest you take a good look at the world as it is rather than as you want it to be. You would be surprised at just how nasty people can be towards one another.
Oh, and in case you couldnt tell, I believe the open source idea should be applied to everything.
Then I hope that you and your family are among the first to suffer once "Anthrax Incubation for Dummies" and "An Idiot's Guide to Saren" kits are sold over the internet.
While the US can pretend to its citizens that it is somehow different from Iraq, its own actions frequently force the rest of the world to remain unconvinced.
Perhaps I misunderstood your post. Upon rereading it I get the impression that when you wrote that you (and, according to you, the rest of the world) consider the U.S. to be roughly equivalent to Iraq in terms of its use of weapons of mass destruction. Is this the point you were trying to make? After a list of questionable activities of the U.S. government, you compare the United States' activities with Iraq's, a state that has used chemical and biological weapons on its own people (as well as on Iran during the Iraq-Iran war). If this isn't bashing, it's at the very least an unfair comparison, one that deserved some attention IMO.
The U.S. nuclear stockpile is safer than almost any other present-day stockpile. (The likely exception being China's).
Don't become yet another person whose response to anything that fails to glorify the USA is a kneejerk assumption of anti-americanism on behalf of the writer. That's an irrational cop-out.
Don't assume that because I object to your comparison that I am some kind of flag-waving zealot, or that I'm even from the U.S. That's also an irrational cop-out. I merely was pointing out that controlling the information that facilitates construction of weapons of mass destruction is the prudent thing to do; one's feelings towards the nations with the capacity are immaterial. This has nothing to do with whether or not you agree with the policies of the nations who have nuclear weapons. It has nothing to do with the right or wrong of developing or using nuclear weapons in the past, the moral dilemma of spending large amounts of tax dollars on the unpopular task of safeguarding the U.S. nuclear capacity, on the ethical problems associated with advocating disarmament in one breath and talking SDI development and resuming testing in the next, on being slow to ratify or carry out any treaty unless it gives the U.S. a strategic edge. This has nothing to do with anything, really, except the cold hard fact that the fewer nations with the capability of waging nuclear war the smaller the chance that an accident can occur or that some loose-reined fool like "bombs away LeMay" could intiate nuclear aggression.
You and I are probably in agreement here. You wanted to make a point, and so did I, and I think we both agree with each others' points. My apologies if I misunderstood your original post.
(Truth be told, perhaps the most responsible nation in terms of nuclear weapons is South Africa; they are the only nation to have developed and tested nuclear weapons and then willingly relinquished this capability. Of course, since saying anything positive about South Africa is politically incorrect I think I'll stop here).
Your impassioned diatribe is largely irrelevant in the discussion at hand. Regardless of the activities of the U.S. government, which you may or may not agree with, protecting nuclear secrets is not only prudent, it is the morally correct thing to do.
An organization requires three things to develop a nuclear capacity: 1) The technical expertise and knowledge of how to develop nuclear weapons, 2) the raw materials, and 3) enough capital to do so. Protecting nuclear secrets falls under item 1). Unless you are so loopy as to believe that the world would be safer if everyone who wanted a nuclear capacity had one, you cannot deny that protecting nuclear weapons secrets is the correct course of action, if even by a nation that you loathe so much.
Am I the only one who is thinking "weird" here? Here I am, on the most info-aware crowd on the planet, reading that it is -good-, and -usefull-, and fsck'ing -possible- to keep doopy little details about important tech secret.
Sjee, my guess is that it will not work.. Countries or individuals, who have interest in bio-, chemo-. nuclear-, infotech have like, the Internet -duh, to find information on priciples, the curiosity to keep looking anyways, the inventiveness to spy on us in any means, in spite of us spooking our national energy workers.
Maybe we should focus on education and free information, instead of censoring.
Slhugs SlashDread
I dont mind not having privacy, face it, privacy is dead really, get over it.
What is FAR more important is who is to have access to all that data.. If it IS NOT public, THEN only THEN I am scred.
Imagine the whole world being viddotaped from some sats.. On a high res, infinite backup scale.. We CAN NOT stop such a thing, it WILL happen. Sooner or later. Thats ok thou.. as long as I CAN SEE IT TOO.
Greets SlashDread
Clearly, both the private sector and the government have decided that network and keystroke monitering is necessary and legal. What about at academic institutions? Universities have traditionally been bastions of freedom, so I wonder how this trend toward privacy invasion is playing out in academia. Can someone in a university IT department shed some light on this?
Dear Julie:
It's been so long since we.....( long description of what the individual would like to be doing with Julie).
of
Dear Sadam:
Here is the information you requested on the guidance system of the Patriot Missle. As you can see the system could be jamned sufficiently to force it to miss your scuds.
Both emails are inappropiate, one means someone may be having an illicit affair, the other means that some vital information has been given away that will prevent anti-missle defense systems from working as intended.
Come on. The DOE or DOD aren't going to be looking through your stuff to see if you're surfing porn. They might, but are going to care a whole lot less than if you are selling National Security Secrets.
That's why (as steted in the original article) they implemented it. Someone apparently sold such secrets, they want to stop it.
There is a civil war coming in the United States. Remember which side has most of the guns
Every week (or every day), post a Freedom of Information Act (FOIA) request for ALL logs they have kept on you. If the information requested is not a matter of national security, they MUST provide any and all logs they have kept on you.
Of course, if they haven't kept any logs, you can be happy that they haven't (yet) chosen to spy on you.
If enough people posted enough FOIA requests for full keystroke logs, the department would get tired pretty quickly and probably stop.
this is not a similar thing, this is a very different thing. None of it is your property, how could you have any rights to it? I tell you what, if you send your personal email from my computer I've got every right to read it, and if you dump your love letters to your girlfriend on my living room floor I'm going to read those, too!
Cripes, the DOE uses polygraphs? Haven't those things been proven fairly conclusively to be completely and totally ineffective?
--
"HORSE."
"HORSE."
-Flaming Carrot
I've worked as a contractor for several high profile Comms companies over here in the UK and all of them have similar messages on the logon screens. Most of the time, people just don't give a shed about it, but I know that it is possible for the admins to monitor who does what and goes where.
I didn't like it then, so I found a way around it. I still don't now, even though I'm at a different company now. I've just found my way around it... Thank fsck for the lax DHCP servers they have around here....
I know that the places I've worked here do have the ability to prosecute you based on the strength of the NDA (Non Disclosure Agreement) that people have to sign when they start work and that the logon warning just gives a little more leverage so that if they had an axe to grind, they could really nail you. I know of people who've been out of the door quicker than a hamster on speed, with a couple of "helpers" to make sure he doesn't get "lost" or "forget" something on the way out.
Like I said before, I just work around things like that these days: If it's not obscure, it's too easy.
Teamwork is essential. It gives the enemy someone else to shoot at
Suggest you use www.mailstart.com or www.webbox.com to send mail from work. Your messages are kept OFF their computers and only a web address is usually kept, not each full page you receive or send from the net. If they intercept your password to hack your email outside the DOE then it's a federal crime.
Also, use your arrow keys to create noise if they are using a keyboard buffer. Sand in the gears baby!
An employer can read your email and save your keystrokes providing that it is there equipment. The reasoning behind this is to protrect most companies from lawsuits. Another reason is some companies don't want you to "waste" time and company resources on personal things. In your case, I would supposed it is to prevent the trading of secrets.
An employer has the rights basically because it is there equipment. You'd have a hard time fighting that. Even if you own the computer you are working on and only use the network services for email and internet this applies.
Good luck.
At the next eco-hypocrisy-meeting, count the private jets used to get to the meeting. Should be interesting to see that
Use SSH. 2048. Or quit your job. They don't put debtors in prison anymore.
There has been an unwritten contract between employees and employers that there will be a certain amount of personal activity allowed in the workplace. When this invisible line gets moved, (usually in the direction of less privacy/activity) people used to the old arrangement get peeved. Some quit or retire or start competing companies with the line at a different place.
I won't work for a company that does this sort of monitoring as a routine part of work without a salary bonus over my regular acceptable rates The size of the bonus required is comensurate with the intrusiveness of the monitoring. For example, it would have to be quite large for my acceptance of video cameras in the men's room (approaching infinity). If my workplace adjusted the policies without adjusting my compensation it would be time to polish my resume. If my employers did not let me know about monitoring before salary negotiations ended I would view that as badly as if they were to lie about my job description in the interviews in order to lower my compensation.
DB
This is the same `problem' as with IL0VEY0U.
When you're at work, you're not supposed to read
love letters. And if you work with classified
data, you're not supposed to have any privacy.
This is security of _your_ country.
To be honest, I wonder how did they hire such a
chatterbox as this daqman. Now the whole wide
world knows that in US not only DoD, but also DoE
work on weaponry. Not a big deal as a standalone
fact, but when it becomes known to an experienced
analyst, it can be the only missing fragment of a
bigger picture.
Get real, spies don't break into secret bunkers
anymore. They just read the news.
KuroiNeko
My goodness, I can't believe that this post only had a score of two. I know that no one will read this reply, but this if fuckin' rad. Please excuse the eighties language. Gruel and striped pajamas, probably badm but definiely a very c00l post.
Because I didn't stick a gun in your face and MAKE you invest, that's why. Civil servants don't have a right to commit treason, they don't have a right to jerk off with my money, and I want to make sure that they don't/
No comment at this time
I like to have people looking over *government* employees' shoulders. In fact, these keystroke logs should be published or posted to the net so that we all can see what our "civil servants" are doing with our money.
No comment at this time
I haven't yet read any of the comments posted to this story yet, so please excuse any repetitiveness that might follow...
Now, the writer says he works at a "national lab" funded by the Department of Energy. I can say with a degree of certainty that the lab in question is Sandia National Labs, which resides on the same base as I am currently stationed at. (Kirtland AFB, NM)
Now, to answer a few of his questions...
'By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of authorized site or Department of Energy personnel. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning.' What is the legality of this statement?"
Seems perfectly legal to me. I am a government employee and I see a similar message on the computers that I log into every day. Notice that they always give you the option to simply refuse and not login and or use the computer. A word on that below.
"I live under the assumption that my employer cannot tap my telephone or open mail delivered by the US postal service and that I have the right to free speech under the constitution. Why is my E-mail and my very keystrokes on the computer any different?
That is a good question, but one with a simple answer. When a package or letter is sent to you, its delievery is paid for by the sender. The US Post Office guarantees that a paid package will arrive at its destination without tampering *unless* they have sufficient evidence to believe it contains some sort of contraband that you cannot legally send in the mail.
You pay for your personal phone line, and the phone company generally agrees that they won't tap your phone line without a good reason, similar to the above.
But your employer, be it a private company or your government pays for that computer you're using and the network it is connected to. They constructed the network and bought the computer with the expectation that both would be used only for things that relate directly to your work. No employer wants to sit there looking a bill from their broadband ISP that is thousands of dollars higher than what it would be if the employees were not using it for their own personal interests. (Hope that made sense...)
Please remember my work does not involve national security.
That doesn't really matter. I do my work on government computers every day, and despite the geek and freedom activist in me, I still wait till I get home to do my MP3 downloading, which is much more painful on a 28.8 modem than it would be on the fast T1 at work.
You could certainly just refuse to agree to the conditions that the splash-window displays upon booting up, but then you aren't allowed to log on to the network or use that computer. Consequently, you probably won't be able to get much work done, and if your boss notices you aren't doing any work, you are going to get fired.
In short, I reason that it all comes down to resources. If you're at home, downloading pr0n or whatever using the account that you paid for, fine. Posting messages to newgroups, emailing a friend in antarctica, fine. There is no problem with that. But a company or agency has to pay for the box that sits in your office, and the miles of cabling in the walls. If you are using that setup for things that don't help you get your work done, then you're costing the company money the same as you would if you were stealing office supplies.
No, I don't like it. But yes, it seems fair.
Connecticut state law states that a notice must be posted in a conspicious place if any electronic monitoring takes place. Well, there is a big sign on every bulletin board where I work.
As a side note, listening to Dee Sneider radio this morning (yes, the guy from Twisted Sister is a DJ in Hartford, CT) they had a quiz - one of the questions was what percent of employers use electronic monitoring of employees. 78% do. Of the 78%, most monitor Email, Internet Access and keep/record/listen to Voice Mails.
This post brought to you by your friendly neighborhood MBA.
I attend Purdue University and also work at Purdue University Computing Center. Because of this, I am considered an employee of the state of Indiana. Therefore, under Indiana State Law (not sure about Federal Laws, but it may in fact, be similar) all my correspondence through email on Purdue's servers is considered public domain. Anyone, anywhere in Indiana can request a copy of my email correspondence, and Purdue must provide it. For this reason, some of Purdue's other departments that have their own mail servers back up their data in the following way: All data is backed up indefinately, and all email is backed up only 5 days. Therefore, these departments only are responsible for the last 5 days of email correspondence of their employees. Not that many people are requesting my mail, but by Indiana law, they can.
120 characters isn't enough to explain it.
I don't know that you would be allowed to bring
your own laptop/PDA for very long. These are
already forbidden from certain labs, because of
the opportunities they afford for illicit
communication.
Alex.
This is a fairly common practice, at least with the DoD. Every computer in the US Air Force is required to have a similar statement on the computer itself and when you log into it.
Now the big question is, why would you not expect this. It is well known that anything transmitted over a network that is not encrypted can be monitered by anyone else. In the USAF we have to sign a statement that says we constent to monitering on all communication devices. This to me at least is really common sense, unless it is encrypted anyone with a receiver/scanner can listen to the radio communications on the flight line. Even as a home user, once your communica leaves your computer, you are subject to monitering, by anyone in the world...
So why are you so worried about this... those computers are there for you to use for offical uses... why should this bother you? Knowing about it is better than not knowing it is happening, that way you can watch yourself... if you really don't want to be monitored... quit... but remember that the next time you send an email from home, that anyone in the entire world could have seen that email, without you knowing it...
---
They can monitor your phone, and do anything they like with your email, keystrokes, etc. It's been proven often in court, and your recourse is to quit, and take a job somewhere that doesn't do this.
It was Judge Woodlock, in the US District Court for Massachusetts, with a gavel.
Some companies may not allow business information to reside on personal computers (specifically for this reason). They also want to be able to collect all business related items from an employee immediately in case of termination.
first of all I'll get out of the way that yes, I am a capitalist Bas----. I love the freedom to make money in any ethical/legal means I want. Now to my point. Your employer is in business for one reason. to make money. The DOD is another subject). Your employer should have the right to run his business as he see's fit. those computers and the email system are NOT public entities and are not, and SHOULD not be subject to the same restrictions as the US postal service. Apples and oranges. If you find your employer is spying on you, don't do anything against company policy, and start polishing your resume. It's his business. if you don't like the way he runs it, get out.
Even this is not a guarantee. Almost every company has a clause that anything you do while at work belongs to them. So even if you use your own stuff, they may own what you wrote.
Most companies are resonable about this, but they don't have to be.
Slashdot will be on the DOE Forbidden list as soon as somebody reports it to the DOE as some kind of Sick Twisted SEX Sado-Masochistic web site, because all they ever talk about is pouring steaming Hot Grits down Natalie Portmans Pants!
LongTail SSH Brute Force analysis tool is here!
And god help you if you bring an unauthorized transmitting device on site with you (Read: Cell phone)
If you work at the labs, they own you. Remember, the Labs are the ones who banned Furbys because they transmit IR signals!
LongTail SSH Brute Force analysis tool is here!
-- Any comments seen here are not mine, but a mixture of alchohol and lack of sleep.
There is an exception of sorts, but one that probably does not apply. There are rules concerning employer interference with union activities, both existing unions and actions to establish a union presence. These do impose some restrictions on employer monitoring. They can still monitor, but not in a way that interferes with legitimate union activity. This can sometimes apply to monitoring of email.
This probably does not apply to the situation described, but it does sometimes apply.
There is such a thing as an illegal contract. For instance, your boss cannot require you to work in a room full of asbestos and say if you don't want to work here, don't sign the disclaimer. This is a similar thing, you are being asked to give up some really important rights. I think it might be illegal for them to ask you to do that.
Whether you like it or not, the answer is NO, you do not have a reasonable expectation of privacy. The security issues are actually irrelevant. The substantive issue is simply that on a company owned system, you can not reasonably expect "business" conducted on such systems to be "private."
While I tend to fall on the radical side of most issues, I do not find this to be especially unreasonable. If you want to conduct "personal" business, do it on your own machine *or* don't care that it might/will be monitored.
As John Gilmore said, "The Internet treats censorship as a disease and routes around it." In this case...route around it...cerf from another launch point.
rootrot
I work for one of the 3-letter US agencies, located roughly halfway between Baltimore and DC. Wake up, buddy. This is a STANDARD non-disclosure and monitoring statement, and something that you should have expected when you started working at your lab. You forfeit ALL rights to privacy when you log onto a government-controlled or -funded network. I would strongly suggest you contact your local security officer to get the particulars, if you're that concerned... but as far as your rights? Give me a break.
Hitler never once threatened invasion of the North American continent. And FDR refused to allow the immigration of the Jews Hitler was gassing.
But the funny thing is that many "public school" textbooks fail to mention that Stalin did much worse than Hitler even hoped to do. Consider just the numbers. 6 million on Hitler's side. Conservatively 20 million on Stalin's side. Stalin didn't "do it" to vocal and articulate people, but he did it nonetheless. The sad part is that your Government Indoctrination Center textbooks are generally silent about this.
And why are they silent? Well, FDR was a great fan of Uncle Joe's and hoped that someday the U.S. could emulate the freedom and equality enjoyed by the enlightened and humane Russians.
The IPCC has purposely engineered a massive scientific fraud.
Thus, saying that free speech rights are a result of the protection of the military and the government is getting it backwards. But governments want you to get it backwards and use the Government Indoctrination Centers (erroneously termed "public" schools by your educratic masters) to pound this idea into every citizen's head.
The IPCC has purposely engineered a massive scientific fraud.
I think that you should also make that suggestion to your fellow workers. ... I just like to act like one :-)
IANAL
--
Free Software: Like love, it grows best when given away.
Luckily, these laws are not universial. I happen to live in a country whose laws forbid anyone tapping my phone, reading my mail, reading the documents I have stored on my home directory on the server etc. unless the police have a very good reason for doing so.
Welcome to the land of the "a-little-more-free" as long as you don't mind paying loads of tax: Norway .
Personally, I have a little problem figuring out how people can stand living under the "Land-of-the-free"'s current privact laws.
At the same time - in one of the world's only country where the police aren't allowed to carry guns, Norway has one of the world's lowest number of crime situations per year.
Roy <roy@karlsbakk.net>
Your mouse moved. Windows must be restarted for the change to take effect.
Computers are like air conditioners.
- They stop working when you open Windows.
At Cornell, where I go and work tech support, on our main server we have a message when you login about the same thing. "Anyone using this server agrees to monitoring, yadda yadda." This is to protect us legally from hackers. If this message were not there, a hacker could claim that he had no idea that the server wasn't open to anyone, and this way there's no way for them to argue "unreasonable search" or whatever.
As an employer it is my property, I have a right to monitor what is going on when it is my property.
However, the line gets really gray when they, say, bring the company laptop home. I could argue either way about whether or not it's right to monitor what they do then.
I would say hold off on the monitoring altogether until we resolve that and other fuzzy issues that I could surely bring up.
========================
63,000 bugs in the code, 63,000 bugs,
ya get 1 whacked with a service pack,
--- Grow a pair, liberals... stop letting the Republicans bully you!
Gosh, you're right. It's hard to imagine any scenario where thousands of nuclear-tipped ICBMs could be dangerous, isn't it?
I agree that there are more likely threats out there. But the number of casualties resulting from an American pushing the button would have to be second only to a major asteroid strike, or perhaps the super-ebola bug you mention. If you still think we are particularly safe in American hands, have a look at Twenty mishaps that might have started Accidental Nuclear War between 1956 and 1995 ... scary stuff. We are lucky to still be here.
The real Captain Avatar is a fictional character, so I suppose he doesn't mind if I impersonate him.
((What I'm trying to say is that when you mention DoE to Joe Schmoe on the street, my guess is that nine times out of 10,
Joe's going to be thinking about nukes.))
Actually, having had discussions like this, I can say fairly surely that the _average_ Joe Schmoe is going to think that that's the department that backs the electric companies. Nukes aren't exactly the biggest things on most people's minds these days, and frankly the _average_ person ain't all that bright.
Go ahead, ask them things on the street. Cripes, show them basic high-school math - many won't be able to do it, even if it can be puzzled out with logic and without training (we're talking _basic_ high-school math, not calculus).
Also, most people I've asked about it think the FBI and the CIA are the ones who 'own' and operate the nukes. They don't even know who/what the DoE is, let alone what it does. See what I mean?
-Elthia
I'm not posting much lately - waiting for cat5 cables to come in so I can get my own box back online.
:/
I just quit a company in the UK. But just before I did, there was a change in the terms of employment(nothing to do with why I left, it was just a shit job). I saw some of the memos that my boss received and they described in great detail what would happen if any member of staff refused to accept them. You could see what would happen to you all the way down the tree diagram. It started at 'discussion with you(manager)' all the way down to 'discussion with full disciplinary board'. I feel that some how that that's in better taste than your average companies terms.
I assume that you signed a piece of paper when you began to work for your employer. On these contracts, it states that they have the right to modify the contract... but... they must tell you that they modified it and I think that you have to have atleast 30 days of notification. From what I've read in court cases, companies can do whatever they want to do to their computers. It's their computers on their network in their building on their time. If you're really don't want them to record your key logs, then I'd reccomend bringing in your own computer to do your emails and such, but then again you might get in trouble for doing that
"Tread softly because you tread on my dreams"
coyo
--------------------------------------------------
-coyo
--------------------------------------------------
It seems that in the US there are many cases where employees are suing companies for things which their colleagues do to them. If you want the company to be held totally responsible for the actions of your colleagues, then this is the stuff you get.
The more control you have the more responsible you are for the results. The more responsibility you take on (or have forced upon), the more control you usually would like to have.
If my company monitors my every action, then it assumes a greater responsibility for my actions.
And since my company would know all my passwords including those of my digital signatures, it has to take on at least part of the responsibilities that come with that knowledge.
Parents should be held responsible for actions of their children- totally for infants, mostly for toddlers, partly for teenagers, and very little for adults (or children who totally rebel against/leave their parents voluntarily).
So what sort of company do you work for...
Cheerio,
Link.
In the middle of the Garden of Eden were the tree of life and the tree of the knowledge of good and evil (Gen 2:9). The fruit of the former granted eternal life. Of all the trees in the garden only the fruit of the latter was prohibited, and Adam and Eve picked it.
Even tho I posted hours ago.
Godwin.
I believe that when you begin working for a company you sign an agreement stating that everything you produce on company time, or using company resources belongs to them. I worked at a software company, and at the end of the month my boss gave me a a sheet with every single phone call I made, to whom, and for how long. I was very surprised, but then at the same time he explained that company time is time you are being paid for - its not fair if you're wasting your time emailing people or talking on the phone.
??? The USA has internationally _earned_ itself the nickname "rogue superpower"
False. China has declared that it considers the US so. It should be obvious to all and sundry that this is, at best, a useful diplomatic ploy, and at worst, pure propoganda. I seriously doubt China even really thinks that. The rest of the world certainly doesn't.
it stockpiles (and frequently uses) weapons of mass destruction
False. The US has used, to the best of my knowledge, two weapons of mass destruction, in one incident, several decades ago.
and weapons of indiscriminant destruction, it has one of the worst records of initiating force in other countries, undermining democracies, propping up dictatorships with force, and worse, and you talk of "the wrong hands"?!?!
What relevence does this have as to whether a nuke in the US's hands is safer than a nuke elsewhere?
Presumably by "dangerious ... in the wrong hands" you actually mean "dangerous to _me_ personally", rather than "dangerous to innocent people". (I'm guessing you have US citizenship to protect you from US weaponry).
I do not mean me at all. I admit that I live in New Zealand, which does make me fairly safe from nukes. But I was, of course, reffering to innocent people. Now, you imply that a nuclear device in the hands of the sort of country that might spy on the DoE is not as dangerous to innocent people as one in the US's hands. Can you honestly claim to beleive that?! I would suggest the number of people who fear death at the hands of a nuclear explosion is probably slightly higher in Pakistan than in the US's bogey-of-the-month.
When a US General (among many others) states that the reality of the US nuclear stockpile is that it is a miracle that an accidental launch has not _already_ occured, you might begin to see why countries object to weapons stockpiling.
Oh, I understand the concerns with weapons stockpiling very well. What you neglect to mention is the risks posed by all the other nuclear arsenals in the world. The US's arsenal, and the threat is represents, is minor. Incosequential, you might say. Nobodies going to launch a nuke on purpose (unlike some other countries), and if the chance for an accidental launch exists, consider how much higher thar risk is for countries with smaller budgets and lower technology levels. Of course, we'd all be better off without any weapons stockpiles at all, but I daresay that we'd all be better off if the Easter Bunny was real too.
While the US can pretend to its citizens that it is somehow different from Iraq, its own actions frequently force the rest of the world to remain unconvinced.
Hardly. The US does, in many respects, move in it's own private dream world, but hardly to that extent. And Iraq and it's leader are hardly quite as bad as they're sometimes made out to be. But to compare Iraq and the US as equals is laughable. It's hardly even a comprehensible idea.
And I bet you'd think Iraq was "the wrong hands".
Very much so. I could think of worse (bit's of south east asia, much of africa, and a few other places), but most are far too MUCH worse to come up with any weapons of mass destruction on their own. Iraq has already created some which it promptly used on it's own people (nice record there, yes), and gives every indication that it would like to keep any weapons it can, build any more that it can, and has no qualms on using them. Wonderful. And don't forget where Iraq is located. Right near far too much of the worlds oil reserves. If you want a doomsday scenario to hurt the maximum number of innocent people, driving the price of oil up to, oh...say $60-70 a barrel for a prolonged period of time will do that very nicely.
False. China may have capitalised on it by incorporating it into official declaration, but it didn't originate with China, and is representative of the views of a lot more than just China. This is simply Not What You Say in diplomatic circles (in fact, I'd suggest that only a country as powerful and stubborn as China would dare, or could get away with it without major repercussions. New Zealand, for example, would face serious consequences), so the lacks of use of this terms in diplomatic circles is expected - to tell you the truth, I had no idea until you mentioned China that any country had actually said it openly the USA's face. It's more of a consensus-behind-the-back sort of thing.
Sigh. Outside of whatever strange circles you move in, the Real World(tm) doesn't think that. China doesn't even think that, even though they happen to be big enough, tough enough, and stupid enough to actually say it (although even they were aiming for domestic consumption more than foreign). In the final analysis though, it doesn't really matter if the US is or isn't a "rogue superpower". The US just "is", and they can pretty much do whatever the hell they want, right or wrong. Not neccesarily a good thing, but it's the way things work. Or to put it anothr way, you can't have a rogue superpower becuase if a superpower does it, it's normal.
False. In addition to the nuclear incidents you refer too, there has been chemical use, and more recently, either biological or nuclear, depending on which you consider covers the devastating indiscriminant effects of depleted uranium, now recognised by the UN as responsible for massed civilian deaths as cancer rates already far surpass seven times the norm and show no signs of doing anything but continued acceleration. This is not even delving into covert CIA practises inside other sovereign nations.
Which sounds really nice and impressive and spooky and all, but er...let's start naming names and placing places. X-files style conspiracy theories aside, when has the US used a weapon of mass desruction against an enemy? There was the one nuclear incident against Japan, no biological incidents at all, and I can't think of any chemical ones. The uranium thing had nothing to do with weapons of mass destruction, and even the conspiracy nuts don't acuse the CIA of using weapons of mass destruction. So some concrete examples, maybe?
Any such implication was unintentional or your own interpretation. My point was specifically to que0stion the assumption that nukes are _less_ dangerous in US hands.
Okay then. So you don't think that a nuke in Pakistan or North Koreas hands is more dangerous, you just think it's AS dangerous as a nuke in the US's hands. I'd burst out laughing if I didn't have a scary feeling you might actually be serious. You have to realize how rediculous that sounds? I'd give Pakistan even odds on using a nuclear device over the next 10 years. I'd give the US a miniscule fraction of those odds. Of course, the US might launch by accident--but even a fool would have to admit the chance is far far higher for Pakistan. Pakistan shows every indication of diving into a cold war without ANY of the restraints the US had on the use of weapons of mass destruction, and you yourself said that nuclear war nearly started ANYHOW! I don't know about you, but I find the entire thing outright chilling. And let's not forget the current Pakistani goverment is a military junta with links to radical muslim groups. If there's one reason why a putativly rational person would chuck a nuke, it's religion.
As for your comments about Iraq and the US being similar, your still way off. You seem focused on the Gulf War--try looking up some stuff about the one with Iran. And even if they had identical foreign policy records, it still doesn't matter, least of all to whether you could trust Iraq with weapons of mass destruction. (Hint: you can't--Iraq uses them on it's enemies, both foreign and domestic.)
Doomsday? Isn't that a little melodramatic? The thing really facing doomsday would be rampant consumer culture. The price of everything would double (or even triple) so people spend more of their money on food instead of disposable cellphones. People would have to walk or cycle instead filling the cardiac wards with diseases of sedentary lifestyles, filling the A&E wards with accident victims, filling the thoracic wards with respiratory illness, (and benzene-caused cancers if they eventuate). Sounds to me like a shock to the system that could conceivably make the whole thing stronger. My biggest regret might be that luxuries like powerful computers would probably move outside my means :-)
That would indeed be your biggest regret. Same with millions of others like you (and me, really). Most people in the first world would barely blink. Pity about the rest of the world, where civilization would come to a screeching halt. Millions would starve. Rioting would break out, famines would hit, disease and epidimics would run rampant. Frightened and confused, goverments would turn to domestic repression and foreign adventure, for as long as the goverments survived, of course. Africa could conceivably lose 80% of it's population, (which could conceivably happen anyhow just due to AIDS). Asia would probably come through mostly okay--probably. I'd give even odds--and if they didn't, they'd be looking at 20%+ casualties, easily. More if China gets frisky, and invades a nuclear armed neighbor for room and resources. Western Europe would be pretty much okay, but Eastern Europe would almost certainly implode. The hordes of refugees, combined with the huge economical hit would vault extreme right parties into power very easily--it's almost a certainty. The EU would collapse, of course, and WWIII (without the rest of the world this time) would probably break out. England could go it alone okay, assuming political stability can be maintained. North America would be fine. South America would hopefully survive okay, although they'd of course slip right back into dictatorship. Russia wouldn't be hit hard at all, mainly because they have nowhere to fall to.
Overall, it could easily be horrific. The total cost in lives would be horrendous--possibly a billion or more, before all was said and done. I don't think any of it will happen, of course, if for no other reason than we've got a rogue superpower ready to stick it's nose into other people business if things look like they're getting out of hand.
Hmmm - and the protectionists would leap for joy because the cost shipping something halfway around the world would form a natural tarrif, discouraging trade deficits :)
Which would, of course, boost inflation and unemployment, aiding and abetting all the other problems.
Gosh, you're right. It's hard to imagine any scenario where thousands of nuclear-tipped ICBMs could be dangerous, isn't it?
Not compared to certain other scenarios, anyhow.
I agree that there are more likely threats out there. But the number of casualties resulting from an American pushing the button would have to be second only to a major asteroid strike, or perhaps the super-ebola bug you mention. If you still think we are particularly safe in American hands, have a look at Twenty mishaps that might have started Accidental Nuclear War between 1956 and 1995 ... scary stuff. We are lucky to still be here.
Not only are there more likely threats, there are worse ones. Take the probability of the scenario and multiply it by the likely number of casualties should it take place. In other words, a 10% chance of killing 1 million is twice as bad as bad as a 0.05% of killing 100 million, but half as bad as a 100% chance of killing 100,000. You can think of the results as expected losses. Not a "nice" sort of calculation, really. Anyhow, most estimates would give quite a few scenarios expected loss's significantly higher than any involving the US's nukes--either because of much higher probabilities, or much higher potential casualties, or both. You see, the big "problem" with the US pushing the button is that it is hugely unlikely (as opposed to an accidental launch), and would almost certainly be aimed at killing a very small number of people--a terrorist base, for example. Even an accidental launch is fairly unlikely, and might not even spark WWIII. OTOH, a lot of other scenarios are both more likely, and in some cases, could cause much more harm. Even WWIII isn't going to kill me, not down here in New Zealand. If an airborne retrovirus (possibly some sort of hemoraegic fever) finally decides to hop a species barrier (especially if it killed slow enough), I would probably die. A well executed Tom-Clancy style biological attack on the US could conceivably kill more people as well. If China gambles Russia's out of the fight and invades Siberia, and guesses wrong, more people could die. If China's leadership drops the ball, and another "Great Helsman" arises and decides it's time for another great leap into famine, more people could die. Fun, huh?
Impassionate diatribes? Except for "frequent use of mass destruction weapons" his/her point is very good. I would rather say "inexcusable occasional use of ...". Why should one assume that the weapon technology the U.S. has is in the right hands? That's pretty subjective, and that is the main point of the post you replied to. The rest may be offtopic, but not impassionate diatribes.
Here is an article in the Sacramento Bee. http://www.capitolalert.com/news/capalert02_200005 03.html It basically says under current California/US law it is perfectly legal for businesses and government to monitor what is on their equipment. They are paying for the equipment, the e-mail, your time, the bandwith, etc. Therefore they have the right to see it.
It is similiar to the reason that you can't block caller ID going to 1-800 numbers. They pay the phone bill, they have the write to know who they are paying to talk to.
In California, at least there is no requirement to warn you first. Also the article I posted elsewhere states that most states don't require you be notified. They claim an implied contract that you are there to work on their equipment, therefore you will do their work and nothing else. Furthermore they have the right to monitor your performance.
As another poster pointed out, this is the case IN THE US. I believe this practice is illegal in the UK - there was a case during the 80's where it was deemed illegal to monitor the keystrokes of typing pool members. The reason was something to do with placing undue stress on employees (the employers would simply fire anyone who didn't maintain a minimum rate - not that they were being treated like lab-rats or anything). Can anyone else remember this?
The secrets could be anything from warhead design to the number of gallons of water in a reactor's coolant reservoir.
210.
Guess what folks, you aren't getting paid to conduct personal bussiness durring your employer's time. While "on the clock" and using company resources, the ones who you work for "own" what you do. If you choose to do personal things (web surfing, stock checking or whatnot) on break time (with your employers consent for the use of their equipment of coarse), then you should be free to do what you will without the company monitoring you. Also, if your higher-ups get word that you are doing illeagal activities while at work with their resources, then they should have a limited right to watch you. And if while watching you, they observe activities that they don't like but are perfectly leagal, the TS for them. Barring the use of equipment for this reason at this point would be just plain wrong.
If you are working on a government computer system, you have to go through this or a similar waiver of rights. You do not see this on a civilian computer because the bill of rights does not apply to buisnesses. The bill of rights is only applies to what the GOVERNMENT can not do. Essentially this is giving the government system administrators the right to scan for hackers on their systems, just like any buisness will be doing.
Yes, you may not be working on sensitive information, but others on the server may be, or the server may have trusted host servers that contain sensitive data. It is important that this information is secure. If all the federal computers could not be moinitored for their security, would you sleep well at night? I wouldn't. Think of all the hackers that would be lurking about in top secret government computers, knowing they will never be noticed because nobody was able to look for them. Even a tripwire program can be considered monitoring. How could you detect aborant account behavior if you cant look at any activity of any accounts?
Agreeing to this disclaimer is not too bad. Take a look at the regs for things like this AR380-53 is one of them (for the Army). If you disagree, then you cannot use the system, and you may loose your job. Better review all the paperwork you signed when you were hired!
Speeding never killed anyone. Stopping did.
If you are a contractor for the government, then it is likely that you can be monitored by your employer.
Off topic...but your page of "real" slashdot IDs is hilarious.
:)
If you're not intelligent to know that the real ESR wouldn't say "I'm going to trade in my truck for a Camry" or "No thanks, no more beer for me, I'm watching my figure"...
As long as there's an upfront disclaimer, all such monitoring has been upheld by the courts. It doesn't even have to appear at login; you could have signed a blanket disclaimer when you were hired, and it was just one of a dozen sheets of paper you John-Hancocked and forgot about. Question: I was in a temporary working situation which was just fine - did some recreational web surfing now and then, etc. Turns out that everyone's surfing was being monitored - without our knowledge until after the fact! Is there anything wrong with that? Certainly in a perfect world, I would not have been surfing, so I'm not fighting for the right to abuse my employer. But still... it creeped me out... and just seems wrong...
"The world doesn't really need more busy people, maybe not even more intelligent people. It needs 'deep people'..."
"The world doesn't really need more busy people, maybe not even more intelligent people. It needs 'deep people'..."
If you borrow my car to rob a 7-11, shouldn't I be allowed to do anything in my power to be aware of that?
... but maybe police with reasonable cause could.
That's all we're talking about here. This is perfectly legal and has many court precedents because if you are using *someone else's* posessions, they have every right be aware of what you're doing using those possessions. This idea extends to these situations because you are given the use of this equipment and these resources to do a job you are *paid for*. Therefore, you do *not* have the right to pay your bills on company time using company computers and company internet access resources by accessing your account on a bill-payment website (one real-world example).
Maybe I'm just a little too honest here, but this simply seems like "the right thing" to me. Sure, there's room for abuse, but if you're worried about it then you make sure you do everything you need using your own stuff. Period.
What'll be interesting is later when you can use a PDA (Pilot or WinCE) which belongs to you using a wireless internet service you pay for to do nasty or illegal stuff (at work, but on a break or during lunch). In that case, the company you work for can't touch you or your data/possessions
Either way, the world is changing...
Just because you don't see a warning notice, don't assume you aren't being watched. Recently, I heard of a company who went through every users' web browser cache, history, and cookies looking for "inappropriate" material. If none was found, a green sticker was placed on the machine. Otherwise, a red sticker. If you had a red sticker Monday morning, you were told to clean out your desk. Just to give you an idea how far the rabbit hole goes...
I agree. You throw privacy out the door when you step into the workplace. While I have no legal material to back this up, I'd bet your employer DOES have the right to tap your work telephone and read your snail mail delivered to you at work. Just as the company owns the computer, mailserver, and network, the company owns the phone system as well. Snail mail sent to you is actually sent to the company to your attention. Again, this is all speculation. Anyone able to back this up?
The question is, how far are you willing to go if you disagree with this? Can you risk your job? If so, then stand up against the man! If not, well, you might as well get used to it.
Sorry to be the one to tell you but your belief that your telephone and snail mail is safe is absolutlely incorrect. As long as you are using the company telephone or the mail is being delivered to the company mail address they have every right to know what is coming/going through those transmission mediums. This is nothing new. Most companies have been doing this for many years and give the employee ample warning. Usually when they are hired. Most tech companies even have policies in place that allow them to search every personal item that you bring/take to work. I remember working at a development site for one of the Big 3 auto makers and having my lunch box searched EVERY day. Oh, what joy. They even verified the serial number on my laptop EVERY day to make sure that I was not walking out with someone else's. To my surprise they had not yet begun doing random data inspections on laptops that left the facility. I believe that is one of their latest policies though. Not positive, I got out before body cavity searches became common.
What about a union? It seems like a better option to me than either quitting the job or surrendering to whatever the employer demands. Besides quitting doesn't solve the problem, this stuff is going to be going on at other workplaces, perhaps even the one you went to in order to escape the original surveillance.
I feel obliged to bring this up since the article referred to the DOE and you mentioned Germany.
This one is a no-brainer, since we are talking about national security. It would be very irresponsible of the DOE not to monitor all communications of its employees and even contractors. We have a nuclear arsenal. Germany does not. Since Germany is forbidden by international law to deploy nuclear weapons, there is less at stake.
However, I believe Germanys law would apply just fine to the average company, as it seems to have more respect for individual privacy and dignity. We in the USA have given too much power to our corporations.
No, Thursday's out. How about never - is never good for you?
That said, thanks for your little corporate outlook bullshit. I would far prefer competent creative employees doing their job all the time. And if you call me a self-righteous prick for doing my job, you need an attitude adjustment.
If you couldn't care less how your employees spend their time, I pity the fool that gave you hire power.
As far as I'm concerned, this is one of those things that hurts only the guilty. If you're doing your job, (i.e. not writing personal/inflammatory mail, downloading pr0n, reading /.) this does nothing to you. If you're simply doing what you are supposed to, whoever is intercepting/monitoring/recording you will simply see you doing your job.
Fortunately, at the lab I worked at, I was the one doing said intercepting/monitoring/recording. I once ran a script that traversed every user's .netscape/cache/* directory and dropped into a single directory a symlink to all the image files. I would up with a few thousand links to image files, then let xv thumbnail them for me to browse them easily. Let me tell you, it's quite interesting what you can find.
Do what you're being paid to do, and nothing else, and you have no reason to be paranoid.
just don't type anything.
Ever get the impression that your life would make a good sitcom?
Ever follow this to its logical conclusion: that your life is a sitcom?
"I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
>But we are not yet approaching the seriousness of a nuclear detonation.
:-)
:) :-)
Have a look into the (rare) cases of courts forcing classified documents into public - the nature of the dirty little secrets, and that they have nothing to do with national security and everything to do with concealing rank incompetence or underhanded tactics from the voting public. When anything remotely incriminating is simply classified in this way (and there are _plently_ of case of this sort of abuse of authority - it does look like standard pactise), I really would not expect a near-detonation accident to make its way to the public record without opposition - that's (partly) what "national secuirty" is for
Which is not to say it must have happened, just that the public record is a poor indicator of _actual_ safety (and is _still_ an indicator of questionable safety
I personablly find the evidence that isn't on public record to be far more convincing - and a far more complete picture
Statements made by New Zealand are, I think (as has been demonstrated), considered worthy of concern - we seem to be talking about different levels of "concern". Military threat or action is extreme and rare and I think non-military threat and action (and dissolving military alliance) definitely constitutes "serious consequences", but I can see what you're talking about.
>Uh dude: get a clue. Without the military (and by extension weapon research), you wouldn't have any free speech.
Wow, talk about brainwashing the citizens. The statement might even be true - if you only looked at a sample of one country...
First of all, I should apologise - my post came out a lot more caustic (and unclear) than I intended. I would go back and change it but...
:-)
Rephrasing: my point is that while the traditional US (and to lesser degree, western) response to a problem is to solve it with guns, there are other roads that have sucessfully led to free speech, and a lot of cases where having a military has led to oppression.
IOW, I think it's a big mistake to uncritically believe that free speech is dependent on how big your guns are. (And I thus have no real problem with the stance he took on weapons research and free speech.)
(OT: Even accepting your premise, it is not clear to me that living with fewer rights is worse than living in a world where my free speech was purchased with the kind of weapons he is referring to.)
But I'm not feeling very passionate about things today, so I'll apathetically leave now...
Don't be so quick to jump to conclusions - I was not bashing the USA, your assumption that I loath it is also way off the mark, and you somehow seem to have decided that I disagree with keeping this technology under wraps, despite my indicating nothing of the sort.
I was bashing the dangerous (and, I think, silly) assumptions that "nukes are ok so long as they're in our hands", and "our hands are not the wrong hands" that was implicit in (though not the point of) the post.
There are differences between criticism, example, and insult. My examples of US behavour, and the attitute the world takes towards that behaviour were an attempt to illustrate why so much of the world considers the weapons to already be in the wrong hands - and via this to prompt some thinking that goes beyond moronic Hollywood "We're the Good Guys" and "it's OK for us to have these weapons".
Don't become yet another person whose response to anything that fails to glorify the USA is a kneejerk assumption of anti-americanism on behalf of the writer. That's an irrational cop-out. I agree my post was off topic, but the assumptions it was trying to address, IMHO, could do with some scrutiny.
You seem to have missed my point (but you came close).
As I said: It is not clear to me that living with fewer rights is worse than living in a world where my free speech was purchased with the kind of weapons he is referring too. Read it carefully.
You can talk about Jews all you like, but I'm talking about _my_ rights. You conveniently assume worst case rights-abuse (Hitler) and best-case price of force. In such a situation, it might be clear that the price _is_ worth it (and please note that such a situation is _not_ what I said - death by genocide hardly constitutes "living with fewer rights"). But that's not the only possible scenario. Let me be equally convenient in a counter example and suggest a world where the price of freedom was a nuclear war, from which you are the sole survivor, but the freedom you have gained is unlimited (no social responsibilities at all!). I think you would agree that this example is one where the freedom of speech is not worth the price payed.
IOW, it is not as simplistically black and white as would be nice - freedom of speech is _not_ worth any price. Freedom of speech is smallfry compared to other human rights and freedoms, and if the price of freedom of speech is the wholesale destruction of more important freedoms and rights, then I think it is foolish to blithely assume that nothing is too high a price. This is what I was talking about - hardly suggesting giving up without a fight at every maniac powergrab.
On a related note, you talk about the price of using force in defense. I'm not sure exactly how one could go about using nukes in defense - most nuclear strategies only seem to include First Strike, and Retaliation. Neither role defends a rat's ass. People turn to deterrence arguments if they want to make nukes look like a defensive weapon, wheras we are both talking about the actual _use_ of these weapons.
Repeating myself: you say "the fact that guns have to be used to defend your feedom". This is not a fact - freedom has been sucessfully defended via other means, and guns have proven themselves an unreliable guarantor of freedom. Guns might be the biggest way to protect freedom, but don't blindly assume they're the _only_ way to protect freedom, because they're not. US gun culture tends to blind us to alternatives.
You're right - I have some quibbles and disagree with some of what you say, but we're mostly in agreement :-)
>>??? The USA has internationally _earned_ itself the nickname "rogue superpower"
:-)
:)
>False. China has declared that it considers the US so I seriously doubt China even really thinks that. The rest of the world certainly doesn't.
False. China may have capitalised on it by incorporating it into official declaration, but it didn't originate with China, and is representative of the views of a lot more than just China. This is simply Not What You Say in diplomatic circles (in fact, I'd suggest that only a country as powerful and stubborn as China would dare, or could get away with it without major repercussions. New Zealand, for example, would face serious consequences), so the lacks of use of this terms in diplomatic circles is expected - to tell you the truth, I had no idea until you mentioned China that any country had actually said it openly the USA's face. It's more of a consensus-behind-the-back sort of thing.
>> it stockpiles (and frequently uses) weapons of mass destruction and weapons of indiscriminant destruction
>False. The US has used, to the best of my knowledge, two weapons of mass destruction, in one incident, several decades ago.
False. In addition to the nuclear incidents you refer too, there has been chemical use, and more recently, either biological or nuclear, depending on which you consider covers the devastating indiscriminant effects of depleted uranium, now recognised by the UN as responsible for massed civilian deaths as cancer rates already far surpass seven times the norm and show no signs of doing anything but continued acceleration. This is not even delving into covert CIA practises inside other sovereign nations.
>Now, you imply that a nuclear device in the hands of the sort of country that might spy on the DoE is
>not as dangerous to innocent people as one in the US's hands.
Any such implication was unintentional or your own interpretation. My point was specifically to question the assumption that nukes are _less_ dangerous in US hands.
>Oh, I understand the concerns with weapons stockpiling very well. What you neglect to mention is the
>risks posed by all the other nuclear arsenals in the world. The US's arsenal, and the threat is
>represents, is minor. Incosequential, you might say.
The people who operated the stockpile warn that an accidental launch is almost inevitable, and you call this an "inconsequential" risk? Suit yourself, but I disagree.
>But to compare Iraq and the US as equals is laughable. It's hardly even a comprehensible idea.
I was comparing foreign policy record (which I admit I could have made clearer), and in this respect, it's a very comprehensible idea. The method and means by which Kuwait was attacked were almost directly copied from a previous US adventure into sovereign soil. Back then, Iraq and the US were allies, but then, you don't hear much about those buddy days any more.
>>And I bet you'd think Iraq was "the wrong hands".
>and gives every indication that it would like to keep any weapons it can, build any more that it can,
>and has no qualms on using them. Wonderful.
Yeah, kinda sounds like another country we were talking about doesn't it.
>If you want a doomsday scenario to hurt the maximum number of innocent people, driving the price of
>oil up to, oh...say $60-70 a barrel for a prolonged period of time will do that very nicely.
Doomsday? Isn't that a little melodramatic? The thing really facing doomsday would be rampant consumer culture. The price of everything would double (or even triple) so people spend more of their money on food instead of disposable cellphones. People would have to walk or cycle instead filling the cardiac wards with diseases of sedentary lifestyles, filling the A&E wards with accident victims, filling the thoracic wards with respiratory illness, (and benzene-caused cancers if they eventuate). Sounds to me like a shock to the system that could conceivably make the whole thing stronger. My biggest regret might be that luxuries like powerful computers would probably move outside my means
Hmmm - and the protectionists would leap for joy because the cost shipping something halfway around the world would form a natural tarrif, discouraging trade deficits
I do think that companies should have to tell employees that they are being monitored. There is no good reason that workers should have to give up all of their privacy -- perhaps without even knowing it -- because they step into an office.
Two related stories ran on GeekPress a few weeks ago:
Now your boss can read email you didn't send
KeyGhost Security Keyboard Records Keystrokes
-- Diana Hsieh
-- Diana Hsieh
GeekPress: The Weirder Side of Tech News
Send and receive PGP-encrypted e-mail through the DoE server with your palm pilot. That'll teach 'em!
---
$ su
who are you?
$ whoami
whoami: no login associated with uid 1010.
1. The U.S. Constitution only protects you from the government. It does not, in any way, protect you from private citizens or businesses.
2. What does protect you from the harmful actions of private citizens or businesses is the U.S. Code. These are the laws of the land.
3. I challenge you to find any statute in the U.S. Code that says your employer can't monitor you. They put up security cameras to protect THEIR commercial interests, they can record your key strokes (and do) and read your e-mail if they want to. They DO NOT have to notify you of these actions for them to be legal.
4. You leave your right to privacy at the door. You also leave your freedom of speech at the door. You do not have the right to go to work and express your private views on company time. If they want they can throw you out or fire you.
5. If you work for the government (any agency, not just DOD or DOE) you have even more limited rights. You can't solicit for political candidates on company premises. Your right to free speech is limited if you work for the government, WHILE you are working. You don't have the right to protest government policies while you are working. They can also ask you to leave or fire you.
6. If you are in the military, your rights are even more curtailed. In the military you are not subject to the U.S. Code, you are subject to the Uniform Code of Military Justice (UCMJ) which is far more harsh than the U.S. Code. You can't date an officer if you are enlisted, you can't be gay, you can't come and go as you please. When you sign up you even waive some of your constitutional rights.
Case in point: While in the military in '93 when Clinton tried to allow gays in the military, some people in my unit expressed their displeasure at the order from the Commander-in-Chief (CIC) and stated that they didn't have to follow the order if they thought it was morally wrong. When I pointed out that it wasn't a good idea to express opinions contrary to the orders of a superior officer, they said it was a free country and they had a constitutional right to free speech. Well, let's just say the officers pointed out to them that what they were saying was technically mutiny and that was the end of that.
Bottom Line: If you don't like being monitored by your employer, start your own business and don't monitor your employees. Otherwise you can fight the policy and risk losing your job, or you can quit in protest. You won't get far going to court as they have upheld the employers right to monitor their employees, read e-mail, and otherwise curtail their "freedoms" while on the job.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
Rome fell, Germany lost World War II, and this battle was fought and decided long ago. First, define parameters: What is permitted?...ordering new undies from Victoria's Secret, playing blackjack on line at a site in Mauritia?, or maybe nothing; second what is prohibited: no non-work related use, no links outside the intranet, no transmission of sensitive materials? Try co-operating instead of puking your lunch if da boss has a reasonable request. Next, if you don't like it, quit and become a consultant or an activist and buy your own computer and pay for your own access on your own time. You have a right to privacy but not to use another's resources for your personal use. That doesn't fly even in a worker's paradise.
Somehow, you think that my bringing up Hitler I'm somehow endorsing Stalin. I fully agree with you that Stalin was much worse, but at least he confined his slaughter (temporarily, for the most part) within his own borders (I realize that this is a complex point, and very debatable).
I could make the same point about the Cold War and how the Soviet Union would have been far worse if the Western democracies hadn't stepped up. But the point is more easily made by pulling out WW2.
In any case, it's not just public schools that are silent on Stalin. Try most colleges as well; they usually have some Socialistic professors who will defend the "Great Experiment" and avoid the facts about Stalin.
--
Sometimes it's best to just let stupid people be stupid.
Well, I suppose I should say "Without the military of Western democracies,"... Happy? But I think most figured out that I wasn't talking about military dictatorships.
--
Sometimes it's best to just let stupid people be stupid.
Thus, saying that free speech rights are a result of the protection of the military and the government is getting it backwards.
The military is for outside threats. If you wanted to make a point about the government and federal police, that would make sense.
But governments want you to get it backwards and use the Government Indoctrination Centers (erroneously termed "public" schools by your educratic masters) to pound this idea into every citizen's head.
Yeah, I guess that WW2 history was a bunch of bunk. Hitler was really trying to preserve our rights.
--
Sometimes it's best to just let stupid people be stupid.
(OT: Even accepting your premise, it is not clear to me that living with fewer rights is worse than living in a world where my free speech was purchased with the kind of weapons he is referring to.)
You may not like the fact that guns have to be used to defend your freedom, but there is no doubt that the people who want to take away your freedom do use guns.
Do you really think everyone should just lay down everytime a maniac comes down the pike who wants to enslave humanity for his own power?
In other words, do you really think the world should have just given itself to Hitler, because it's too high a price to use force in defense? I think the Jews would disagree with you.
--
Sometimes it's best to just let stupid people be stupid.
Excellent word choice for a counter-argument.
I wasn't trying to place all employeers in a morally superior position by default -- I don't doubt that there is a condition where the moral scruples are reversed. However, in my experience -- as the title of my post stated -- it's the criminally minded employees that tend to be more afraid of this.
There are tons of examples where my employer was being ripped off by warehouse employees sneaking out electronics. Now they use radio transmitter cameras to secretly monitor hotspots in the warehouse. Do you think that they have time to go through every single second of the tapes to listen to everything that any employee is saying -- maybe just to catch someone bad mouthing the boss? No. But if there is something missing from an area they will quickly scan the tape to see who was working.
Frankly, what employeer doesn't have an employee or two (or more) that hates them. Why should they care as long as they aren't doing something illegal to get back at them? Who the hell has the time to look out for people who are just griping about pay?
Scott
I am one such person that monitors the keystrokes, emails, etc. that employees make in our system. I work in a retail environment, where a lot of our employees are salespeople. On a number of occasions, I have been asked to investigate the creation of a sale. As it turned out on one occassion, a guy used stolen credit card numbers to write up product under another salesperson's initials. Dumb guy -- he tried to write the sale under his own initials first, before writing the fraudulent sale. Of course, I saw all of that. =)
I think that the original question goes off in a seriously different tangent. Why on earth would you wonder if your employeer could look at your own personal mail?
The point is: the employeer owns its own equipment and you can own your own. The have a right to do what they wish with their equipment, and you have a right to do what you wish with yours.
Frankly, the only people who have to really fear that their employeer is monitoring them at work are the ones that fear getting caught for doing something wrong or illegal.
Scott
"
simma-dohn-nah!"
I am a comstitutional scholar for a living and I can tell you this kind of message is absolutely legal in the public (government) sector. It falls under a legal premise known as "The compelling interest of the State"; ie if the government can prove it's in the best interest of the State to have such a log on, it's legal. This kind of privacy issue has been upheld numerous times by the Surpreme Court so there isn't much you can do except quit and go to the private sector where such monitoring is not entirely legal (yet).
I`ll agree with this as well. At the very root of matter, its a lot like having closed circuit security cameras in offices. But basically, they`ll get away with whatever you put up with.
Reading through these comments I accept the justification for monitoring, although it leaves a bad taste ... Where is the line drawn ? I have a clear vision of future society crippled by all pervasive monitoring. People lived like that behind the Iron Curtain and it has (and will continue to) stunt their development for decades to come. http://http://freenet.sourceforge.net/
One ring to rule them all, One ring to find them, One Ring to bring them all and in the darkness bind them.
So, how would I know if there is a keystroke reading software installed on my Win95 machine at work? Can I hit Ctrl-Alt_Delete and get the Close Program screen and find something running that I can close? What would I look for?
--Kulte
Use Angelfire before the com to email me.
More likely in this case, they would probably reconsider his employment. The government doesn't have much of a sense of humor.
...phil
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
Apologies for going over the top, but the circumstances you describe are very different to that implied by your original post. Doing a search as a one-off as a result of coming across kiddie porn is entirely sensible.
I'm slightly sceptical about the kiddie porn business though. It's the example that's always given whenever politians try to justify surveillance, encryption bans, whatever. What kind of admissions policy would hire someone stupid enough, nevermind sick enough, to view kiddie porn in a government office ? Do you think that blanket surviellance of the population is justified (we must protect the children...), after all kiddie porn is equally detestable at home or at work ?
I'm not arguing that employers don't have the right to monitor their employees, just that it's usually misguided.
> I would far prefer competent creative employees doing their job all the time
Does the word "Duh" mean anything to you ? The point I was making which you ignored (reasonably considering my rudeness) is that it makes far more sense to judge people according to what they produce rather than how they spend their time.
Suppose I have 2 employees: Bill produces 10 widgets a day, Fred produces 5 widgets a day (of equal quality), Fred spends his whole time working diligently, but Bill spends half the day masturbating in the bathroom. I would fire Fred before Bill. It would be even better if Bill cut down on the wanking and produced 20 widgets a day.
Distrust and intimidation is seldom an optimal way to get better performance from your workers. It might be a reasonable way to run a cotton farm with slave labour, but it's less effective in a software shop.
http://rareformnewmedia.com/
A sane organisation judges employees by their performance, ie by what they achieve, not by whether they had "inappropriate images" in their cache.
/. than some self-righteous prick who thought a good use of his time was snooping on other employees. If they're good at their job, I couldn't care less how they spend their time.
Who cares much time is spent working, what matters is what gets done.
A competent creative person will achieve more of value in 30 minutes than some droid who diligently spends 50 hours a week "behaving professionally". I would far prefer employees who browsed porn or spent the odd hour checking out
If they're not, then they can "act professionally" all day long, and I'll still fire their ass.
In the commerical world this is self correcting, companies with their priorities screwed eventually go belly up. There's no correcting mechanism in the public sector, you end up with bloated monsters that piss taxpayers money away paying a bunch of useless cretins to stare up each others asses all day.
http://rareformnewmedia.com/
Do they have an -ethical- right to monitor? No.
Ethics and business are often incompatiable, sadly. One place I used to work, I was informed that I had acted "improperly" by implementing recommendations formally presented at a security briefing. This is not uncommon. When it's a show-down between politics and common sense, politics WILL win.
"By hook or by crook..." (Number 2, intro to The Prisoner)
The more I've worked, the more I realise that the TV series "The Prisoner" was an idyllic futuristic dream, by a hopeless optimist. For all the brain-washing, torture and pressure put on Number 6, not one single Number 2 ever pretended that they had the moral high-ground.
As for what you can do. Well, you can remap the keys, and write a simple substitution program that sits on INT 09. That way, it doesn't matter if what you type is logged. Your boss is unlikely to spend the time decrypting it. However, they are likely to regard that as a hostile act on your part, and subject you to disciplinary measures.
Alternatively, you could use macros and function key definitions extensively. That way, what you type can make sense, but be subtly different from what the computer actually sees. The problem here is if your network is being monitored. The discrepency will eventually show up, and you'd probably be whisked away for intensive interrogation.
The third option, though potentially the most dangerous, is to combine the last sugestion with IP spoofing and IP monitoring. This would involve redirecting the -real- network requests, such that they don't return to your computer, directly, but rather to your subnet. From there, you can sniff them and process them as if they were to you. (You can't just multi-home your machine, as it would be too easy to pinpoint which machine the communication was for.)
This is exceptionally dangerous, as the penalty for being caught would be gruel and striped pyjamas. On the other hand, if you spoofed it to whichever senior official ordered the monitoring, either the entire work-place will go into panic-mode, or the matter would be quietly and discretely ignored.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Yes, emphatically. Either teach yourself to lie (not a hard skill, just ask any one of 100 million salesmen across the world), or convince yourself that you really aren't lying (Never underestimate the power of rationalization). Most of us could beat a polygraph given a few hour's practice.
--
I think there is a world market for maybe five personal web logs.
That's not entirely true. Instead of quitting you can threaten to quit. Or you can write a letter complaining about the situation without including resignation threat.
Quitting fixes the situation outright, by removing yourself from it.
Threatening to quit or complaining (or, preferably, both together) works far better if everybody does it. You can even do things like not show up for work until they agree to stop. One term for it, if you do it all officially, is "forming a union".
Hey, at least they're nice enough to warn; no requirement for that. They could do it legally with no disclaimer.
At some point you'd probably have to connect to your employers network, so if they aren't able to scan you directly they'll just sniff what comes over your connection.
Sniff away; all they'll see will be ssh packets to and from my servers at home.
--
As long as they've notified you upfront that they're logging your keystrokes, they're within the bounds of the law.
Sounds like a standard systems disclaimer to me. Not many employers use keystroke monitoring on a wide scale, just because of the space requirements and implementation difficulties. (Now, think of a keystroke capture app that could, in real-time, detect unauthorized behavior -- *that's* an idea! A rather Orwellian idea, but an idea, nonetheless.)
Such disclaimers are very common in the corporate world. Prior case law has struck down computer crime prosecutions simply because the systems in question did not clearly lay out access rules and regulations. Therefore, most corporate servers -- and, increasingly, corporate workstations -- display this boilerplate in order to support prosecutions against those engaged in unauthorized access.
Now, as the Larry Wall case shows, the line between "authorized" and "unauthorized" is very thin indeed. Don't forget to ask for your manager's approval before setting up that e-mail proxy....
But if you have sufficient access to your own desktop, shouldn't you be able to kill the logger?
Sure, you could. But since you are (we presume) working at a government installation, processing sensitive and classified information, doing so would likely get you put under investigation for espionage.
Even if you are innocent, that is not something you want to have to go through. And if they find you were doing something bad (like selling secrets to the Chinese), you get an all expenses paid trip to Leavenworth.
Trust me on this: You DO NOT screw with the Security Police.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
I don't think bringing you're own laptop or whatever would do it. At some point you'd probably have to connect to your employers network,
Not necessarily. If you plug into a phone jack and dial out to your own ISP, there isn't much your employer can do about it (tapping into a modem connection demands specialized equipment that usually only law-enforcement agencies have handy). Also don't forget the SneakerNet -- and wipe the floppy afterwards.
The point is, your laptop is your private property and nobody can take a look at what's inside without a court warrant.
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
I don't think bringing you're own laptop or whatever would do it. At some point you'd probably have to connect to your employers network, so if they aren't able to scan you directly they'll just sniff what comes over your connection. Plus, if you're sending email from your own non-employer email to your co-workers, I'm sure they'd just be more dilligent about scanning the email of whoever you're talking to...there's now way to win. they control the horizontal...they control the vertical...
"Leave the gun, take the canoli."
this is just a placeholder till i send back my real sig from the future.
Courts have previously held that the government has to take into account the fact that it is bound by the Constitution.
And why shouldn't a private employer be held to the Constitution also? They are located in America; shouldn't they have to play by the same rules as everybody else? Something is really wrong here.
DNA is a Turing machine. You, however, being dynamic and emergent, are not.
I saw that, and I completely agree with you. Everyone freaks out about Lee because he's not an American, and Deutch is using classified documents unprotected on his home computer. The computer he accesses the Internet with. Barely made the headlines....
Big Brother, where are you when we need you?
Two things for you:
1. I would really like a good reference to the alleged article describing the "inevitability" of an accidental nuclear launch. I don't believe you or your source, so give me a bibliography. It had better be something better than the National Enquirer.
2. $60-70 per barrel for oil would cause a world catastrophe. Not in the U.S. We would be affected, but we also have enough money and resources to get around such a problem. I think most of Europe would be just fine too. They are already accustomed to high fuel prices. The real devestation would be, say, farmers in Africa and South East Asia, who just bought their first farm tractor, only to see operating costs triple or quadruple. All because of some conflict thousands of miles away from them that they have nothing to do with and no control over.
And by the way, if New Zealand were to call the United States a "Rouge Superpower"...
>>New Zealand, for example, would face serious consequences.
WHAT? What are you talking about? Do you honestly think that a tounge lashing by New Zealand would concern the United States? Serious consequences? What serious consequences? Carol Mosley Braun (the U.S. Ambassador to N.Z.) might have to schedule a dinner party.
This is not to say that N.Z. is unimportant. The reason that N.Z. will never have anything to fear from the irrational juggernaut that is the U.S. public is because they are not trying to buy ignition devices for nuclear weapons from unscrupulous companies. They are not trying to buy the worlds largest cannon from other unscrupulous companies. They are not stockpiling Anthrax or VX gas. They do not have an arsenal of unguided ballistic missiles.
I have to say that your argument is unconvincing. Even the link that you provided is a little sketchy. Many of the "incidents" described by this link involved nuclear weapons not containing fissile material. Nuclear weapons that do not contain fissile material are not nuclear weapons. They are only bombs.
This is not to say that any of the accidents involving fissile material are not serious. Contamination is very serious, and plutonium is one of the most deadly substances known to man. But we are not yet approaching the seriousness of a nuclear detonation.
The reason that I say that rising fuel prices would have more of an effect on undeveloped countries is because they do not have the resources to do research into alternative fuels. High oil prices would only speed the research that is already being done in the west to eliminate dependency on oil.
As for New Zealand. I did not intend to infer that New Zealand is an insignificant nation. My point was to say that New Zealand, unlike Iraq, North Korea and to a MUCH LESSER extent, China, is not about to have a war with the United States or one of its allies. New Zealand is not threating to invade its neighbors and is not threatening world peace. Nor is it ever likely to want to. That is why any statements that New Zealand makes regarding the politics of the United States are not going to cause much concern in the U.S.
You are certainly correct, or close enough for the purposes of this argument. Whether or not Fermi does any research is not the basis of my argument.
What I'm trying to say is that when you mention DoE to Joe Schmoe on the street, my guess is that nine times out of 10, Joe's going to be thinking about nukes. When Joe Schmoe starts thinking about nukes, he's not going to listen to reason. He's not going to care that Fermi is doing important particle research. Most Americans think that fusion reactors can go critical and explode. Most Americans think that fission is too dangerous to warrant building new nuke-you-lar power plants. Most Americans probably also think that all the DoE does is build nukes.
I'm not trying to say this argument is logical, or even morally correct. In fact, I believe it is neither. The problem is that when you deal with computer secrecy for the DoE, then you can easily build up the mass hysteria that the United States is prone to. I'll bet most Americans would chose to have the Chinese man (sorry I forget his name) accused of spying at Los Alamos strung up rather than give him a fair trial.
I guess my argument really is this: When dealing with what the DoE does, the public will willingly throw out logic, political correctness and even the Constitution of the United States of America. And if the public won't, I'm sure the NSA would be more than happy to oblige.
The reality is that not only do they (not only the DOE but any employer) have a right to monitor your phone calls, and your emails, and your key strokes, they can also ask you to take random drug tests. The only thing they can not monitor is the break room and the bath room. Otherwise, they can put cameras everywhere. Why? The short answer is that employment is voluntary, so you can be asked to give up your privacy, in exchange for a job. An excellent article on this can be found here.
As a side note, the reason most Silicon Valley employers don't do any of this monitoring is that they KNOW they'd lose employees. The only real way to fight this is to band together, and to inform management that all of the technical staff will leave, if monitoring/drug testing is done. They can not afford to lose the skilled folks. So, they'll usually cave.
Remember, the only power you have is that they need you more than you need them...
Email, webhits and network traffic can obviously be logged. Whether it is, or whether those logs are analysed is a different matter.
But if you have sufficient access to your own desktop, shouldn't you be able to kill the logger? What are common logger names to we can seek&distroy? Or are they usually hidden process that can evade the tasklist?
particular argument is correct, but it is a compelling argument,
and many will think that. It's hard enough to make sure that
security is air-tight for the areas where it's required without
trying to make sure it is air-tight ONLY where it matters.
Got to disagree: I think you can't get security right unless you
make distinctions between level's of security. If you try to make
everything an organisation does operate at the highest level of
security, then people's day to day antipathy for the tiresome
bureaucracy involved will make them conspire against the security
measures: as is happening with this Ask Slashdot.
-- Life is short. Forgive quickly. Kiss slowly. ~ Robert Doisneau
Or if you grant access to it, but then you can set the terms. Personally, I am willing to grant access to some of my own machines, under certain conditions. The conditions are just a bit
None of these terms is unreasonable, and few people would be willing to accept them.
The net will not be what we demand, but what we make it. Build it well.
I don't know about you all, but what good would this do with Unix users? I use Nedit, so I'm more often cutting and pasting with the mouse than typing out full lines of code. Lots of people use vi, who the hell could tell what they actually typed with all of those silly keyboard commands? (not that there's any thing wrong with them, please don't flame me =-)
What if you knew this and avoided _typing_ anything sensitive? Once my keyboard went out and I shut down the computer by X copy/pasting 'shutdown -h now' after su'ing... The keyboard wasn't involved. What are they going to do, log the screens and mouse clicks? What do they do when you place the insertion point somewhere else? What kind of gibberish are these people looking through?
You could enter 'sensitive' text without using the keyboard, then the benign stuff by typing. In short, who cares?
The company owns the hardware, network, data, and your time between breaks. If they want to monitor your keystrokes, that is their perogative.
The company where I work has two kinds of phones -- the supervisor model has a monitor function that allows the manager to listen to all phone conversations of any employee in their department. You just don't have personal conversations with inappropriate content and there will be no problem. If you can't deal with such a policy, start your own company.
For reference, the standard disclaimer for a National Lab's web site can be found at Sandia National Labs Web Disclaimer
I work at a DOE installation also. Their lawyers are VERY highly paid, and unfortunately, they have the Supreme Court on their side. You don't own those computers, they do. They can (and DO) do anything they want.
As a side note, our local DOE folks also monitor your web surfing, and log ALL your page requests. They also block any https:// connections, as well requests to sites on their "Evil waste of time" list, and they grep through their logs once a week searching for "keywords" ( sexy, pussy, xxx, porn, pr0n, etc). You basically have no rights to privacy since it is their equipment, not yours.
As a side note, we all just got email saying that all of our phone calls were logged, and that we could be expecting visits from our management about some of the more questionable phone calls. (In other words, more than a few local calls a day, and any long distance calls.)
As a side note, all businesses have these rights, but most choose not to exercise them.
Deal with it, or leave. The labs ARE NOT,
WILL NOT,
CAN NOT
be part of the real world.
LongTail SSH Brute Force analysis tool is here!
So maybe we shouldn't ignore it, but what if this sort of intrusiveness does stand up in court (IANAL, but this sort of thing is pretty common to my understanding, so I would assume that it's on reasonably firm legal footing)? In many cases, it's not as though we can go elsewhere to do our research. I'm a high-energy physicist. High energy experiments are very expensive, with prices that reach to the hundreds of millions of dollars. In the US, there are only a handful of labs that do it. And guess what? They're almost much all DOE labs!! What's more, depending in the type of work you do, you are completely limited to DOE labs. Even working in other countries isn't neccessarily an option, depending on what you want to do.
That being said, I'm not too worried. I think this sort of thing is probably restricted by some sort of "probable cause" consideration. I rather suspect that the sysadmins take that particular warning as seriously as the rest of us do. It was imposed from on high, not by the people who do the real work of maintaining the systems.
At the end of the day, many scientists don't have too much choice in the matter. The question is whether this represents a real threat to our privacy, or if it's just a way of placating the federal government. I think it's the latter, although it does perhaps open some doors that are better left closed.
Good point, but if you don't like McDonalds you can work at Subway, Steak & Shake, etc. It is true though, when I was working at McDonalds, it wasn't because they respected my freedom, but rather, I really need to pay rent (at least that is what my landlord was saying at the time). True most places will strip you of all rights when you walk into the door.
The laws (freedom of speech, freedom of relgion, freedom of press) are for the US goverment. Sorry if I don't include forgien countries, but I don't know there laws there. The laws are in place so that the (usa) goverment can't screw you on basic freedoms, they aren't there to protect companies, citizens or others from taking these rights away, they are just there so the person has a right that the goverment can't take away.
Almost any private place is going to take away you rights. If go into church and pass out, let's say "satan is sexy" bumper stickers, the church will (more than likely) ask you to leave. You scream "Hey man, I have the right to do this". Yes you do have a right to do this, from the goverment, the FBI isn't going to step in an drag you away, the CIA isn't going to sniper you, the goverment really doesn't care what you views are (at least that is what they say). The people that ask you to leave, aren't enforcing the goverment laws on you, but "their own laws", not the goverments.
If you refuse the leave, they may call the man (ie. police officers) and have you arrested for tresspassing and distrubing the peace, but they aren't arresting you on your views. They are arresting to protecting others (the churchs) right to freedom of speech/reglion
If you build your own church and start up a club that preaches "GNU/Linux Rocks" you are allowed to do that, and the goverment won't do anything. You could then make up your own rules, "This is the house of GNU/Linux, thou shalt not bring in closed source software" then when someone brings in a Windows98 you can though them out onto the street and yell "Don't bring that shit in here bitch, we ain't down with that". But that would be YOU inforcing your "own laws", it won't be the goverment.
But back to your orginal comments, when most people work at McDonalds it is because they HAVE to work there, not because they have a choice. In theorgy, they way it is supose to work, is that the person should be able to go work anywhere where they have the skill to work at. Anyone should be able to do what they want when the "grow up" (atleast that is what my parents told me (I think they may have lied)).
The thing is, if someone doesn't want to work at McDonalds, in theogry mind you (which means it doesn't work in the real world) they could get goverment grants/finacal aid/loans/scholerships to go to trade school/college/etc to gain more knowlegde, expeirnce, education, training to get the better job. This sometimes works, this is how it is supose to work. It does take time, but if they need to be able to train for a better job and be able to pay rent at the same time, there are options.
Just for the record, I am not knocking anyone that works at McDonalds, I used to work there. They are a respectable company and am not trying to FUD them, just using them as an example.
Even if you do have a better job, you company will still take away your freedom. Say you work as CEO of AOL (forgot his name). If that CEO of AOL came out and said AOL sucks, and used his own money to fund an AOL sucks rally, do you think the investors/stock holders/border of members respect his "Freedom of speech"?? The goverment would respect his freedom of speech, but not his company, his company would throw him out on the street (exactly the same as if he worked any other job). I think almost all jobs would fire you for something like that.
The only really job where you have complete freedom (under the goverment that is) would be a freelance job, or a job where you own the company. For example, before Andover/VA bought slashdot, I bet CmdrTaco could say "Slashdot sucks" and not get fired since he owned the company (unless he wanted to fire himself in some weird world). There are very few jobs that offer complete and utter freedom most of them are freelance/self run|owned companies/drug dealers/pimps. For the rest of us, we must do what the man says if we want to pay rent, even if that includes giving up personal freedoms.
On a side note, this is extremely difficult to say after just having watched Brave Heart. I bet if I had a sword the "man" wouldn't be on my back as much.
"`Ford, you're turning into a penguin. Stop it.'" -THHGTTG
It matters not that you are doing weapons research. It matters not that you are checking an email from you girlfriend/boyfriend. When DOE is involved, the courts hardly matter. There are very few people in this country who are going to give a flying fsck about your privacy as soon as someone mentions nukes.
And, arguably, for very good reason. Not that I think that particular argument is correct, but it is a compelling argument, and many will think that. It's hard enough to make sure that security is air-tight for the areas where it's required without trying to make sure it is air-tight ONLY where it matters.
Personally, I think that they should be checking into just about everything having to do with DOE's security. There is very little on this planet more dangerous that the nuclear arsenal of the United States of America. I'd like to keep it that way.
Indeed. It's not that America's nuclear arsenal is so dangerous--it isn't. It's that the nukes and the knowledge to build them (especially the knowledge) would be dangerous to an unfortunate degree in the wrong hands. The world already has enough terrors. Far more than you imply, incidentally. I can think of nearly a dozen worse things than America's weapons of mass destruction. Near the top of the list would be the arsenals (nuclear, chemical, AND biological) of a range of countries. Or perhaps even worse, the possability of the emergence (either through random mutation or careful manipulation) of an air-borne retrovirus (what happens if you take a disease that is as hard to cure as AIDS, kills as fast as Ebola, and spreads like the common cold?). No, the world has enough worries without more nukes in more hands. Of course, one of those worries (and a very serious one) is infringements on free speach and privacy, such as this latest assault by the DoE. Nothing is ever easy.
...and that's what probably makes it legal.
They own the equipment, they own the network, they even "own" your time at work. You can't say that you can't do your work because it might be monitored - so what, if you're doing work it doesn't matter.
What about personal stuff, right? Well, if you don't want it monitored... don't do it on their system. It's as simple as that.
Of course, IANAL and your mileage may vary.
BlackNova Traders
It seems unreasonable to give any corporation or government agency the ability to steal the passwords to other networks. Controling mail spools and data flows is one thing, but stealing keystrokes and passwords undermines every site's security. If the government or corporation wants to restrict employee access to another network they can do that by disallowing connections. But allowing keystrokes to be recorded which in turn allows the company or the government to compromise the other network looks like cracking and entrapment to me.
They can even fire you for it in some cases. There are some cases where they cannot use the information against you. When discussing job benefits, working conditions, union organizing, or something along that line. Also, if you are speaking out against discrimination. Another is if you have filed a complaint of law, and the law prohibits retalition, and then they monitor you because you filed a complaint, then that is another form of retaliation (increased scrutiny, see the EEOC guidelines).
Fight Spammers!
There was an article (in the NY Times I believe) recently about an airline that got a search order issued by the court to search the HOME COMPUTERS of employees suspected of organizing a union sickout or some such thing.
:-)
So if your employer has a good enough reason?, he can even search your home computer.
If you want to avoid having your email searched at work or home, get several anonymous remailer accounts eg HotMail. Be sure to log out every time you use it. Use one account for mainly newsletters, the other for personal mail. If they note you have a HotMail account give them the account with the newsletters
"Open code, in other words, can be a check on state power." -Lawrence Lessig
There is no arguement as to the "legality" of the governments position. They own the network and the equipment as has been stated... they also own the information and wrote the laws.
No one, least of all me, likes the government or the employer looking over your shoulder... but when the government is the employer and you are using government resources time and bandwidth... its better to use the resources, time and bandwidth for the reasons you are there in the first place.
If you bring home a dog that bites you can't complain when it bites... Your acceptance of the condition is contributory to your condition.
................................... Tom Tornado * Making things better since 1960 *
In the past, I worked for the Department of Defense for several years, both as a civil servant and a civillian contractor. Let's just say that if you think DoE is paranoid, DoD is worse. I was subjected to the same sort of warnings and disclaimers about consenting to monitoring, and consenting to allow such monitoring to be used as evidence should they investigate me for wrong doing. IANAL, but this monitoring has been in place for many years, and has been used successfully in disciplinary cases, so I have to figure that there is a legal basis for it.
To me, knowing that "big brother" was watching didn't really bother me. I can see that they have interests to protect, and I was not doing anything unauthorized. I have since left the government scene for the corporate world, and it seems to me that the biggest difference in monitoring between the two is that at least the government makes sure you know you are being watched. I see just as much monitoring in the enterprise, only it's done much more surreptitiously. My question is, is it really an invasion of privacy for my employer to keep track of what I do on his/her computers and office equipment inside his/her office space during hours when I am on his/her payroll?
--The Colonel
> It's that the nukes and the knowledge to build them (especially the knowledge)
... in the wrong hands" you actually mean "dangerous to _me_ personally", rather than "dangerous to innocent people". (I'm guessing you have US citizenship to protect you from US weaponry).
>would be dangerous to an unfortunate degree in the wrong hands.
??? The USA has internationally _earned_ itself the nickname "rogue superpower", it stockpiles (and frequently uses) weapons of mass destruction and weapons of indiscriminant destruction, it has one of the worst records of initiating force in other countries, undermining democracies, propping up dictatorships with force, and worse, and you talk of "the wrong hands"?!?!
Presumably by "dangerious
When a US General (among many others) states that the reality of the US nuclear stockpile is that it is a miracle that an accidental launch has not _already_ occured, you might begin to see why countries object to weapons stockpiling.
While the US can pretend to its citizens that it is somehow different from Iraq, its own actions frequently force the rest of the world to remain unconvinced.
And I bet you'd think Iraq was "the wrong hands".
I think there is at least one more option short of quitting: immediately log off and tell your employer you refuse to use any computer that contains that notice. If computer use is a requirement of your work, then it becomes an interesting question of whether they can compel you to use such a system to keep your job. I knew a gov't laboratory employee who refused to take a 'random' drug test for the second time in as many weeks. It really gummed up the works, and got escalated to the head of the laboratory. If nothing else, your refusal would consume vast amounts of management time, and they might reconsider the policy.
"I think that we should be men first, and subjects afterward. It is not desirable to cultivate a respect for the law, so much as for the right. "
--Henry David Thoreau
---
$ su
who are you?
$ whoami
whoami: no login associated with uid 1010.
The Bastille hardening script adds this to
/etc/motd. The script claims it gives you a
better chance of intruders being prosecuted.
Carnegie Mellon University, where I used to work, has the following disclaimer at login:
I think this is for two reasons: one--to make any evidence they find against crackers more legally clear. two--to cover their asses in the case that they accidentally read someone's email (or the equivalent) doing system maintenance.
It's important to remember that if you're in any sort of shared environment, your sysadmin can very easily read every byte in the system, follow every bit thrown out the pipe, and etc. What's important is that ethical sysadmins don't use this power for evil. :)
No really--I'm serious. As a sysadmin, and a BBS sysop before that, I've had the power to do things like read users' email for a long time. I feel that I have an ethical responsibility akin to those a doctor or lawyer has with respect to confidentiality. I will not pry--but even if I do, I have no right to make public things that I learn. This is most important when doing routine things like backups or looking for files which are taking up too much space, or fixing mail spool files when there's a bad mail loop, or the like.
It's hard not to learn things about people that you shouldn't know in these cases. And as a result, I don't believe in sharing information learned in such ways with anyone at any time. I'm upset when I hear stories about sysadmins stumbling across somebody's private stash of kiddie porn and turning them in. It's true that kiddie porn is pretty damned foul--but in the interest of protecting everybody's right to "sysadmin confidentiality", I still don't think such things should be mentioned. At the very least, I'd probably say "please remove these files from the system, or I'll have to take steps against a potential DoS attack by law enforcement officials."
Anyway, my two cents. I think I'll go look up the CPSR and other like-minded groups now and see if anybody's got a sysadmin code of ethics. :)
This is a US Government computer. This system is for the use of authorized users only. By accessing and using ths computer system you are consenting to system monitoring, including the monitoring of keystrokes. Unauthorized use of, or access to, this computer may subject you to disciplinary action and criminal prosecution
That's what everybody gets on our office machines at the Johnson Space Center. Considering the enormous mountains of paperwork that people type up every day, I would hate to be the guy who reads the key logs. ;-) Even if all they did was store the keystroke logs somewhere, it would be an enormous amount of useless data.
As for legality, hey, man, I just work here.
I use Macs for work, Linux for education, and Windows for cardplaying.
The think you forget, is when you want into a workplace, you lose some of your freedoms. It is a private company and they don't force these "laws" on you, they give you are choice, "play by our laws, or leave/get fired"
For example, we all have the moral and legal right of "Freedom of Speech", but if you take a job at McDonalds, when you are clocked in your "Freedom of Speech" goes by-by. You can not say "So what the fuck do you want on this shitty ass BigMac dicksmack" to the customer. Sure, this is prefectly legal and lawfull (in the US), but McDonalds (private company) will fire you.
If you want to be able to say "fuck" and tell the world McDonalds BigMacs are "shitty", you will have to do it on your own time. The fact is, you are working at McDonalds on your own Free will, and they hired you on their own Free will. At any time either you, or them may terminate the employement agreement. (unless you sign a contact)
Most companies do monitor, on our phone system they warn the customers and employees that the lines are tapped, I mean montior for employee spying, I mean employee montioring and training purposes. They aren't forcing me to work here, and they aren't montioring without my permission. If I did not agree to this, I would have to either 1) quite 2) not agree to it (which would probably lead to me getting fire)
I think an employeer has the right to monitor, but the company HAS to notify the employees for this before hand and tell them what they can and can't do with the system (ie. no p0rn in email or hot grits in pants during business hours, expect for on fridays)
"`Ford, you're turning into a penguin. Stop it.'" -THHGTTG
Mars Lander Telemetry Control System
login: root
password: xxxxxxxxxxxxx
Welcome to the Mars Lander Telemetry Control System.
MOTD: Management has become aware of the unauthorized use of agency computing facilities for the distribution and use of illicit materials, which is in violation of the computer use policy. Anyone found in possession of or transmission of such materials will be prosecuted.
jpl:# cd / pr0n
jpl:# rm -rf / pr0n
^C
^X
^C
^X
^D
bun-fhuinneog agam!
There's always one more option, though their effectiveness may be questionable... for example:
In the wake of the spy scandal last year, the DOE implemented a mandatory random polygraph policy for all of their Los Alamos employees. Every one. Needless to say, the affected employees were rather annoyed, and they organized and threatened action (wish I could be more specific). Anyway, the DOE just recently backed down and decided to only require random polygraphs for employees who work with sensitive information. They did something about it.
And also, if you have enough money to contribute to your senator's campaign, you could always go the Congressional route. It works for contractors.
(Sorry if this appears twice, but if /. hadn't timed out, I wouldn't be pressing the submit button again.)
I can see the fnords!
A very important note: In the US.
But invalid in Germany. There, you cannot even perform exact recording of dialed numbers on the company PBX. The employer if recording them is obliged to erase the last n (forgot how much) digits. And recording email by the employer is absolutely out of the question.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
This is actually a very common situation, and the legal battles took place mostly in the late eighties and early nineties. The employer pays for the equipment and resources, and they have the right to designate appropriate usage guidelines as well as monitor.
Partly this absolves systems people like me if we happen to come across your e-mail by accident (trust me on this one: I was working on a mail server yesterday and I could see the addresses EVERYONE was sending to, including some verrrry interesting domains), but also in case they have to investigate for any reason. Let's say another employee claimed you sexually harassed them in sending e-mail (let's also assume that this is serious, not just random dirty jokes, talking about the other person's anatomy for example). The company has the right to look at the victim's computer, your computer, the server, even SEARCH THROUGH DESKS looking for floppy disks on which anything relevant may have been saved. I've seen it happen.
As a systems administrator I have to install monitoring and blocking software. I can track every site you visit with your browser, stick it in a database and e-mail it to your manager by 8am Monday morning. He can see that Joe was surfing business-related sites, maybe too much, but within acceptable limitations; Mary was spending all day long at eBay; Dave was recklessly looking at p0rn on his lunch hour; and so on. As long as there's an upfront disclaimer, all such monitoring has been upheld by the courts. It doesn't even have to appear at login; you could have signed a blanket disclaimer when you were hired, and it was just one of a dozen sheets of paper you John-Hancocked and forgot about.
One employer determined that a married woman had transferred to another location in order to conduct an affair with a man there. They fired both of them, not so much for the affair, but for falsifying time sheets and so on, based on e-mails where they set up hotel rendezvous during work hours. They almost fired another woman who was the first woman's confidant in this situation because she had failed to report it.
Another employer requested printouts of all e-mail sent by an employee during his last week, as well as all outside mail sent and received by his friends in the department, in order to prevent disclosure of client trade secrets.
Another employer found that pornography was passing through the e-mail system and before any of the employees were notified, I and another individual had to check for anything illegal. If we had found anything, we were to call in the police.
When I worked on a help desk, I never knew whether my calls were being monitored silently by my boss. My internet usage at work then was via dial-up and this came to the attention of the telephony group, who reported it to my boss, and my boss then required me to justify time spent. (I was able to do so, it was mainly research.)
Bottom line: when you're at work, don't ever assume you have privacy. The employer has broad rights to monitor you for not only illegal activities, but for violations of your employment agreement, for slacking, for slandering, for sexual harassment. Some of the posts here speak of your government employment as a unique situation, but it really isn't. Out in the Real World you may, in fact, have FEWER rights to privacy than in your present situation.
----
lake effect weblog
{Network engineer in Chicago--looking for work!}
Under the current law (you don't have to like it) the employer owns everything that happens on machines and networks it owns. That means that your email, your files, and, yes, your keystrokes, belong to your employer. This has been supported by courts numerous times. If you want privacy, bring your own laptop/PDA/notepad.
I don't think you can much about it except for quitting (or threatening to quit over pervasive monitoring).
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
This isn't exactly a vague situation. There might be a little lee-way if we were talking about a normal corporation, but this is DOE.
If you don't like the new disclaimer, all you can do is quit. As far as my experience goes, when working with the government, and especially when dealing with the military branches, and even more especially working with DOE, you have no rights to anything what-so-ever.
It matters not that you are doing weapons research. It matters not that you are checking an email from you girlfriend/boyfriend. When DOE is involved, the courts hardly matter. There are very few people in this country who are going to give a flying fsck about your privacy as soon as someone mentions nukes.
I'm not trying to say that this is right or moral, just the way it is. The NSA (National Security Agency) has very broad powers when it comes to protecting nuclear secrets. The secrets could be anything from warhead design to the number of gallons of water in a reactor's coolant reservoir.
Personally, I think that they should be checking into just about everything having to do with DOE's security. There is very little on this planet more dangerous that the nuclear arsenal of the United States of America. I'd like to keep it that way.
Big Mac
Large Fries
Large Coke
Happy Meal
Medium Chocolate Shake
Trinoo Attack on CNN
McDonald Land cookies
10 pc Chicken McNuggets
I can see how this would come in handy.