Slashdot Mirror
A Search Engine For Corporate Desktops
Chibi writes: "Wired has an article about Altavista creating a new application that allows corporations to search their own networks, e-mail systems, and computers. It allows for certain areas to be designated off-limits and companies can determine who has access to the application. They claim it is a tool to increase productivity, but what are the chances it will be used to monitor people instead?" As the article points out, if a business implements this kind of desktop snooping, though, they could face additional liability as well.
Great, guess I have to stop making those pr0n slide shows in Power Point. Oh well fun while it lasted.
I know, off topic, but I just hate to see incorrect information propagated...
"paranoia a tendency on the part of an individual or group toward excessive or irrational suspiciousness and distrustfulness of others" Merriam-Websters
--
-- Slashdot sucks.
If there were some law passed that made writing software that does this illegal, then there would be _another_ YRO article about how the evil government is taking away the file-sharing rights of the masses.
Actually, I've seen a demo of this very thing (probably a much earlier, less refined version, but still...) from a CD the Altavista guys were passing out at DECUS meetings (and possibly Comdex '96 as well) more than 4 years ago (IIRC, the demo explicitly EXPIRED at the end of February '97).
Also, realize what it is and is not designed to do: it isn't a spying tool (you can preclude it client-side from scanning certain directories), it's a productivity tool. Example -- this is employee Bob's train of thought:
MOO;IANAL.
MOO;IANAL.
There used to be a picture linked here.
If you work for a big company that produces a lot of confidential documents, it's difficult to keep track of them and make sure they're stored securely. It would be useful to be able to find all documents across web servers, SMB shares, etc., check them for proprietary or confidential markings, and generate a report for the people that keep track of this sort of thing.
As far as privacy goes, whether or not you have an expectation of privacy on your work machine, you would have to be really dumb to leave anything personally sensitive on it. So I'm not bemoaning the loss of a privacy that never really existed.
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
OK, dig:
All large networks have a means of shoveling out system patches, upgrades, etc. For example, in a MSquishy or Novell network the login processes make the client run a script which the system admin specifies. I use these scripts to hack the registries of WinBlows boxes to make them less insecure, and to identify rogue boxes that lusers set up without loading minimum patch sets.
If you don't have this, you are either a wimpy little network (less than 1000 nodes for sure) or in a situation of impending doom as entropy grinds your systems into chaos.
So, the system admin shovels out a set of public keys, and an ssh daemon, and now he can run find remotely on you. If you can't afford ssh daemons that run on your OS, get linux ^H^H^H^H^H^H^H^H^H^H^H^H I mean write a beentsy little TSR that listens on a weird port and runs whatever find facility your OS uses. Pretty trivial really. You can half-assedly secure it by changing the keys daily, and you should block the port used on edge routers, but really, this is nothing compared to the stuff admins do on large networks as a matter of course.
Our chief network admin guy (not me, any more, hooray!) thinks it's a slow week if he hasn't edited files or registries on at least 400 PCs...
--Charlie
I'm sure that this eventually stops, once it is only necessary to index new and changed documents. I never waited long enough to find out.
Anyway, it's pretty obvious what's going to happen. This software is going to be installed, and the poor PC support guys are going to be flooded by complaints about sluggish systems, and everyone will just live with it. The workplace gets a tiny bit more hostile ...
Hey, here's an idea, why not improve productivity by eliminating all bathroom breaks! Great idea. And let's charge employees for toilet paper, and dock their pay for sticky poop that leaves a mess on the side of the bowl! Why not? Hey, why shouldn't slavery be legal if the slave sells themselves? The answer to all of these is human dignity, apparently a concept unknown to you.
Only a simplistic idiot argues that everything you take away from employee freedom is a plus for productivity - except the kind of retards who aren't managers and are posting on company time - or else are in college and don't know a damn thing about work at all.
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Expanding a vast wasteland since 1996.
Ok, here's a little quick lesson in mangeral speak with some background.
Increase Productivity = restrict anything that isn't productive.
You're work 8 hours a day. Company-related email checking, meetings, etc take, say, an hour out of that. 7 hours a day of real work. Anything personal - personal emails, personal calls, resume touch-ups, etc - is being non-productive.
Duh. Increase productivity by removing everything else.
______
There goes the heyday of reading /. Surely this will reduce the incidence of sites getting /.ed.
--
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
Remember this article that the companies would have to tell employees of their policies beforehand
If you work in a factory, your line manager comes by, makes sure you are doing things properly and monitors your productivity. What does this mean? He makes sure you are meeting quotas, keeping up to pace with the rest of the employees. Why? Because then the owner of the factory can state with some level of certainty how much work he is getting for his dollar. Project managers are supposed to do something similar in software companies. They are supposed to ask for estimates, assign tasks, measure and record how long it takes to complete those tasks and monitor your productivity. This allows managers to make estimates with some level of certainty as to how much new work they can take on, when to set deadlines (instead of defering that to marketing) and work his budget for new hires, equipment, etc. It also means that me, as a code whore, can do my work with some sort of idea of how well I am performing, when I'm going to step out of this long dark coding tunnel and get to do something new, and have some sense of achievement when our deadlines are met. It also means that the responsibility to find work, lead the production schedule, evaluate feature requests, find out what the hell everyone else is doing and who I can/should colaborate with, etc, etc can be liften off my fragile shoulders and given to some who actually likes that kind of crap, and I can concentrate on coding.
But in the mean time, I'll just keep takin' your money, sucking back the free "soda" and posting random shit on Slashdot. All in a day's work.
How we know is more important than what we know.
The problem with this viewpoint it that it flies in the face of the fact that most of us think DeCSS should be legal. We sit here and say that the new X technology is bad because it will be used against us; Judge Kaplan basically said the same thing when he ruled against DeCSS.
The fact of the matter is, this new corporate technology does have a legitimate business purpose. The same can be (and should be) said for DeCSS. We don't come down against DeCSS just because it can be used for piracy; we should not come down on this because it can be used for snooping.
If you are doing sketchy internet stuff at work, either use PGP for mail and browse the web through www.safeweb.com, or SSH to your home machine and be sketchy from there.
> yet Google can search the entire web in under 1/2 a second for me?
m l
. shtml
Because google has over 4,000 !! linux boxes with custom clustering software.
http://www.ee.ethz.ch/~slist/ee-talks/msg00056.ht
http://www.slashdot.org/articles/00/05/31/1242237
Cheers
it's like monty burns said... "let the fools have their tar-tar sauce"
---
/bin/fortune | slashdotsig.sh
Why is it when Napster gets told, your product can be abused, Slashdot is quick to say that the users who abuse the system should be punished, not the system.
But when piece of software like this is mentioned, Slashdot jumps all over it because it can be abused.
Shouldn't we keep the same standard here?
Sure the software can be abused. That doesn't mean it will be. And if it is, it should be handled on a case by case basis.
--Ty
I mean the release of a new search engine is hardly news. And the tenous link to employee rights is just that...tenous. My employer can come to my PC and do windows->start->search any time they want. They can do it remotely using VNC. They can mount my local disk and do it remotely anyway. There's nothing new here except someone deliberately trying to put spin on an innocuous story to gain publicity.
--
-- SIGFPE
--
Free Mac Mini
What I do on my own time is my business.. Of course, if I show up at work high or whatever, that's another thing. But as long as my performance is fine then they shouldn't be messing around with my personal life.
--
Free Mac Mini
It's an insightful flame, cowlick.
Got Rhinos?
Amen to that. Sometimes these articles and posters need to be flamed, because they're just plain stupid.
Got Rhinos?
Hey, did you hear that Windows has installed a "Find File" feature in windows so that my sister can spy on me?
Hey, did you hear that Google allows Government thugs to search my personal websites?
Hey, did you hear that flashlights a violation of our personal rights because they are being used to perform surveillance in previously dark corners of my garage?
Shut up already.
Got Rhinos?
Huh...? I thought CTS was a joke? :)
No replies made to AC posts. Please log in.
and if they're getting it done in half the time, then spending the other half browsing porn and napstering, I'll want a goddamn good explanation
Well, I wouldn't be browsing porn or napstering, but I often read Slashdot after coding for a while. Why? What am I doing, reading Slashdot instead of working?!? ... Well, I'm trying to solve a problem. I've looked at the problem from one angle for long enough and now it's time to move on. It's not at all abnormal for me to come up with a solution to something after I've stopped actively working on it for a while.
In fact, generally speaking, if I were forced to be actively working on something every minute of an eight-hour day, my productivity would fall sharply. Many times I've spent an hour working on something, than left to do something else, and come back and looking at it fresh realized that instead of starting the variable with a "t" I meant to start it with an "r" - a stupid typo just wasted an hour of my time.
The bottom line is that computer programmers and network admins probably won't spend their entire day "working" - however, even when they're doing other "worthless" activities, their subconcious is still attacking something from earlier in the day, and when the programmer gets back to the task, they'll be far more productive than if forced to just pump out code all day.
--
You are in a maze of twisty little relative jumps, all alike.
This new tool lets you store information electronically, and store many thousands of pieces of information for instant recall using either simple searches or browsing through organized folders.
Although this new tool has been widely praised for its ability to help manage the enterprise, it is also vilified by some by its insidious capability to monitor and spy on people. Your actions can now be tracked and recorded for all to see.
This new tool can be combined with other like tools in a network, further increasing its capability for unleashing restrictions on your freedoms.
It's called...a computer.
No, Thursday's out. How about never - is never good for you?
Deciding who to pay is a RIGHT; privacy at work is not.
Do you have those camera installed in the bathrooms as well?
It seems to me that my employer pays me for what I do not how I do it. I occasionaly take work home, and you know what? I also occasionaly take my personal interests to work. If I'm not doing the job I was hired to do, well, fire me. No need to spy on me.
air and light and time and space
If I'm paying someone to do work, I want to know that they're doing it - and if they're getting it done in half the time, then spending the other half browsing porn and napstering, I'll want a goddamn good explanation. Either reward them for their efficiency, or give them more work to do (probably accompanied by a raise due to their heightened value to the company).
/. community this: why must you focus on the negative possibilities? Assume that Some people are good, and not everyone is out there trying to invade your privacy. This program could have its merits, give it a chance before condemning it to hell for something that hasnt yet happened.
I completely agree with you. BUT, why is everyone overlooking the legitimate use of this software? Corporations spend tons of time trading paperwork back and forth, often in an email-tag type atmosphere.
Consider this scenario:
An employee in California would like to review a draft of a memo written by an employee in London. Under normal circumstances, the only way to do this would be email the London based employee, who, due to the fact he's in a far distant time zone would not respond until the next day. Thus, the California based employee is forced to either attempt to search (shared resources, ftp sites, corporate file servers, whatever) manually for a document. This software, however, could expedite this process SUBSTANTIALLY.
So, I submit to the
Mooniacs for iOS and Android
Second, I think that this would be really great, you wouldn't have to go and ask "Bob the forgetful" or "Alice the daughter of chaos" for the sales figures / etc from '95. Honestly, waiting for people to get you stuff is a pain in the ass, especially if, well, you know.
As for privacy, well, quite honestly, if you're at work, don't expect any. Seriously, with windows boxes being so open, its a joke to even consider that your files can not be searched at the current time. Shit, everybody runs windows 95/98 at all companies I have worked for except one (they used nt 4.0).
\\BobsComputer\C\My Documents\FuckIHateMyBoss.doc
isn't exactly hidden.
I don't think emails should be included in the search, but you get enough "personal information" (read gossip) around the water cooler / coffee maker / cappuchino (SP?) machine / ping pong table.
as for
For instance, an employee alleging harassment by another co-worker could demand an employer search for incriminating evidence in e-mail accounts and PC hard drives.
They can do / do that stuff right now, lets not kid ourselves, have no expectation of privacy at work, shit, especially if they own the computers, facilities, etc.. there is nothing that they can not do.
The slashdot 2 minute between postings limit: /.'ers since Spring 2001.
Pissing off hyper caffeineated
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
You are _very_ correct, but where this little tool is truly dangerous is when you turn the tables and ask how can this little tool hurt the company.
Even if the IT group implements a fantastic security model with near perfect permissions and group heirarchy, the company will get burnt by this tool. I'd even wager that its guranteed to cause a company more harm than good.
No matter how hard you train/indoctrinate people, they are going to gossip, and someone is going to put it in an email or some other document. The next thing you know, items from an employee's confidential personnel file has found its way into the general index and the company is liable for that leak. As a paralegal, I've seen companies lose thousands for failing to properly safeguard personnel files in which one or two people improperly viewed them. This tool has the potential to raise the bar on the level of liability into the millions.
Now I'm not saying there are no beneficial uses to this program, but the article was right, this is an "Ivory Tower" tool.
"The words of the prophets are written on the Slashdot walls."
Yes, and many do. In fact, if you've ever paid attention to the greetings on nearly every 800# in the world you will have noticed the alert that some calls are monitored for quality assurance. I used to work in a place like that and had absolutely no problem with it. My supervisor at the time would randomly listen to our calls with customers and then critique the sampling at the end of the month. Everyone knew about this and there were phones in the lounges and breakrooms that were never monitored. Furthermore, the policy was you can make personal calls from your desk, but realize that someone may have tapped into your phone expecting to hear a customer call. Of course, the good managers would come back to you when you were done, but there was no expectation of privacy. Did I mind? Not at all, it was a valuable tool for identifying rude and stupid reps.
Now, do I think its right to monitor people's phones who don't interact with customers over the phone? No, but it is the employer's right, and if I don't like it I don't have to work there.
"The words of the prophets are written on the Slashdot walls."
So if I receive a personal FedEx shipment while I'm sitting in THEIR office, does it belong to them?
No, because they don't own the package.
When I put my bag with private notes from my bookie/girlfriend/boyfriend/connection in THEIR credenza, does that give them the right to search through it?
They don't have any right to your private notes, but they certainly have every right to go through their credenza. They own it, not you. You are simply permitted to use their credenza. As for delving into the contents of the bag, that is a little grey. They can demand to search through the bag, but they have to have a good reason like suspecting you of stealing. Of course, if they're wrong there isn't much you can do either.
I use my own (i.e. paid for out of my own pocket with my own money) notebook PC, hooked to THEIR network when I'm in the office. So what rights do they now have? Can they intercept my personal email while it's going through their POP server and on their pipe, but once it lands on MY system I'm home free?
This one is just as clear in the eyes of the legal system. They can't search your laptop, but they can legally sniff every single packet sent over their network if they so choose. Again, you are being permitted to use their network. Furthermore, any email resting on their servers regardless of origin or destination is theirs for the reading. Also, they can demand to search the laptop for trade secrets or confidential documents that shouldn't be leaving the office, but I don't think they can force you to without a court order. Not sure on that one.
I don't disagree with the concept of ensuring that people are productive while at work, and I don't disagree with a company taking appropriate steps to safeguard its own legal liability as a result of its employees' actions. However, I've never been in favour of such intrusive spying, surreptitious scanning of email, web usage and workstation hard drives. Acceptable use policies and goal-oriented management (as opposed to counting lines of code generated, for instance) should be enough for a competent management team. (Fair disclosure: I am a 40+ executive in a tech company.)
I agree completely, if a company cannot treat me with respect and resorts to draconian policies with regards to snooping, I'm gone. Its there perogative though, and if they want to be dicks and make their employee's lives difficult they're going to find themselves constantly looking for help.
"The words of the prophets are written on the Slashdot walls."
Even if the IT group implements a fantastic security model with near perfect permissions and group heirarchy, the company will get burnt by this tool.
I think you bring up an excellent point. However, right now the general problem on corporate networks is not too much information leaking, but too little -- data is locked up in thousands of word and excel files floating around on people's hard drives. Million dollar "knowledge management", document management, portals, groupware, and hell even fileserver solutions are attempts in trying to correct this, but for the most part, they only work as well as the users do.
This tool seems to take the underhanded approach of "Hell, if IT can't teach the lusers how to use their 'S:' drive or Outlook, why not go to the source and suck the files right off their hard drives." But, that begs the question that if users can't figure out how to use a shared drive, how will they understand a private/public directory setup on their local drive?
Not to mention the common HR attitude that IT can't be trusted to secure their personnel files, so they stay right on the computer locked in their office.
When I hear the word 'innovation', I reach for my pistol.
I can't see how immediately the majority of people will jump directly to the most paranoid inferences anyone could draw from the capabilities of such a product.
I mean obviously whatever evil corporation you work for may choose to abuse this type of product as another way to spy on employees, but be realistic - for the most part companies don't care what you do as long as you're productive and don't cause problems. Sure certain environments are very high on increasing productivity, to the point where washroom breaks are timed, etc, but most places are not like this.
In a less orwellian workplace, these types of products can be excellent tools to facilitate the search for knowledge. Would you know who to call in your company to get some obscure piece of info about how a particular system works? Would your co-workers? Probably not - that's why this type of global content indexing and affinity-mapping can be a great asset. I may not know who to call about the way an ACF2 subsystem on mainframe X is used by web application Y, but I can do a quick search and have someone recommended. I would kill for that capability in my job today - as an enterprise architect we need to know who the movers and shakers are in the company and keep a handle on ongoing projects, and unfortunately 80% or more of them never go in front of any sort of review board, so searching out the stealth projects is a big problem.
As a result, we've investigated a few products in this space - for those who are interested, a couple of other examples are:
Verity K2 Enterprise
and
Lotus Discovery Server
"So on one hand, honey is an amazingly sophisticated and efficient food source. On the other hand it's bee backwash."
Desktop search/update utilities have been around for a while. My work desktop had one that kept going online to update things like IE (ostensibly for Y2K compliance) - it was slowing me down, so I found and deleted it. Case closed.
sulli
RTFJ.
I like them and I like their product; however, it didn't quite set sales goals on fire. It's very difficult to get used to accessing your data through a search engine when you're used to opening up folders on your disk. It's a great replacement for the Start | Search feature in Windows, but the extra power and extra speed it provides never generated the enthusiasm the founders hoped.
While I take on board all the points about it's your company's computer, network, internet pipe, etc...
Hands up who's posting from work!
I just hope it doesn't do anything else dastardly, like port scanning. Yup. These are tools that can only be used for evil, greedy, corporate oppression.
+5:offtopic,but anti-American
The computers, network, servers etc. all belong to them in the first place.
--------
Bleah! Heh heh heh... BLEAH BLEAH!!! Ha ha ha ha...
"a new application that allows corporations to search their own networks, e-mail systems, and computers. "
:)
It's called Windows and a Bad admin. This is implemented in plenty of places...
Tim
Correct me if I'm wrong, but couldn't I just stick gnutella on all the computers in the network and just point them at each other? I've never tried it, but I've thought about doing that for finding stuff on a small network.
As for spying, that's what back orifice is for. I'm used to /. being paranoid, but not *that* paranoid.
You know, it's your employer's equipment. They're providing the connection and the computer. They expect you to use it to increase productivity at the workplace.
Don't expect privacy at the workplace. There's no point to it -- your employer can do whatever they want.
Employers have been 'spying' (if you want to call it that) on their employees for years. What do you think 'quality assurance' is for tech support workers? That's right, "All phone calls may be monitored or recorded?"
How this qualifies as news is beyond me.
Do you like German cars?
LSD has more urban legens associated with it than Richard Gere. There is no test in the world that can tell if you've taken LSD if you wait 4 or 5 days after ingestion. It is water soluble (unlike THC), so it isn't stored in your body fat. It is also not stored in your spinal fluid or anywhere else in your body. Flashbacks, if they exist at all, are a purely psychological phenomena.
Check out the FAQ for more info.
-- Give me ambiguity or give me something else!
This seems perfectly reasonable to me, but since it's being done by corporations, it must be bad. Corporations are all evil. It's true--I read it on Slashdot®.
Having worked in small- to medium-sized companies, I've been a bit spoiled with regards to interpersonal communication. But occasionally it's hard to find out who on the team has written a spec, or who has the source code to a component (CVS, i know... don't ask), etc. This would be great for that -- you don't have to go desk-hopping or send a broadcast email to find out who has what, you can just search for it.
As far as privacy concerns, well, don't store private things on your work machine. The software theoretically allows you to set certain areas as unindexed, but i wouldn't trust it at all. Look at it this way: would you leave private things in your (unlockable) desk before going home at night? Your computer is just like that in this system--it's a desk you can't lock.
I carry a backpack around with me when i go to the office; it contains random personal things, they don't go in my desk. Personal data should be in a data backpack of some sort, if you bring it at all.
All in all, i think this has more positive potential than it does negative. When it comes to productivity vs privacy at the office, i'll take productivity at the office, so i can get to my privcay at home.
If you've paid me to walk around normally for a couple of days, then sure you can follow me. I've surrendered my right to do things besides walk around normally in return for your money. Therefore, feel free to follow. I would reccomend that you do it unobtrusively as possible, though, since you don't want to interrupt my walking around normally.
My Karma is so good, I'm the Dalai Lama...or something.
This is one of those things that shouldn't bother you unless you're doing something wrong. An employee is hired to provide a specific service to a company. The company, under a capitalist system, tries to use the employee to earn money. The best way to do so is to have the employee providing their given service at peak efficiency. If that employee spends all day downloading prOn or trying to get first posts on /., the company should logically either pay the employee less, or punish them. Sure, it'll make work suck, but that's a fact of life. (Office Space, anyone?) If all employees were forced to work straight through their workday, they'd have mental breakdowns, and corporations would shorten the workday. In short, this is just a move by businesses to make more money, and if you already do good work, it won't effect you. If you don't work hard, it may force you to. If it's used to make unreasonable demands, productivity will fall, and business structure will change.
My Karma is so good, I'm the Dalai Lama...or something.
What don't you people understand? Your employers are allowed to spy on you for a REASON. They don't want to GIVE their money to someone who is going to turn around and stab them in the back or waste time all day long. It's the same reason that drug testing is perfectly legal. If they don't want to hire someone who does drugs, then they don't have to.
Deciding who to pay is a RIGHT; privacy at work is not.
and you shouldn't be doing anything on it or with it that they would not approve of. Why is it that so many people tend to ignore/forget property rights? Monitoring a home user is evil, monitoring your employees is just smart. If I'm paying someone to do work, I want to know that they're doing it - and if they're getting it done in half the time, then spending the other half browsing porn and napstering, I'll want a goddamn good explanation. Either reward them for their efficiency, or give them more work to do (probably accompanied by a raise due to their heightened value to the company). Sheesh, guys - if it's not your box, and not your network pipes, then shut the fuck up and recognize the owner's rights to his own property.
think for yourself, you won't like the results if others do it for you.