A Search Engine For Corporate Desktops

Chibi writes: "Wired has an article about Altavista creating a new application that allows corporations to search their own networks, e-mail systems, and computers. It allows for certain areas to be designated off-limits and companies can determine who has access to the application. They claim it is a tool to increase productivity, but what are the chances it will be used to monitor people instead?" As the article points out, if a business implements this kind of desktop snooping, though, they could face additional liability as well.

You can use SSH to do this, guys.

[Medievalist]

OK, dig:

All large networks have a means of shoveling out system patches, upgrades, etc. For example, in a MSquishy or Novell network the login processes make the client run a script which the system admin specifies. I use these scripts to hack the registries of WinBlows boxes to make them less insecure, and to identify rogue boxes that lusers set up without loading minimum patch sets.

If you don't have this, you are either a wimpy little network (less than 1000 nodes for sure) or in a situation of impending doom as entropy grinds your systems into chaos.

So, the system admin shovels out a set of public keys, and an ssh daemon, and now he can run find remotely on you. If you can't afford ssh daemons that run on your OS, get linux ^H^H^H^H^H^H^H^H^H^H^H^H I mean write a beentsy little TSR that listens on a weird port and runs whatever find facility your OS uses. Pretty trivial really. You can half-assedly secure it by changing the keys daily, and you should block the port used on edge routers, but really, this is nothing compared to the stuff admins do on large networks as a matter of course.
Our chief network admin guy (not me, any more, hooray!) thinks it's a slow week if he hasn't edited files or registries on at least 400 PCs...
--Charlie

Corporate Monitoring

[jazman_777]

There goes the heyday of reading /. Surely this will reduce the incidence of sites getting /.ed.
--

Ya know,

[VFVTHUNTER]

I like the Slashdot crowd, and I recognize that most people here are only paranoid in an intelligent fashion, but it seems like every article I see on here anymore is people whining about how this new technology X is going to be used against us.

The problem with this viewpoint it that it flies in the face of the fact that most of us think DeCSS should be legal. We sit here and say that the new X technology is bad because it will be used against us; Judge Kaplan basically said the same thing when he ruled against DeCSS.

The fact of the matter is, this new corporate technology does have a legitimate business purpose. The same can be (and should be) said for DeCSS. We don't come down against DeCSS just because it can be used for piracy; we should not come down on this because it can be used for snooping.

If you are doing sketchy internet stuff at work, either use PGP for mail and browse the web through www.safeweb.com, or SSH to your home machine and be sketchy from there.

Re:Ya know,

[arnie_apesacrappin]

One thing that is very important to remember when you are surfing at work, is that most proxy servers (read: every one I've worked with) send everything from the client to the proxy back and forth in clear text. Even secure connections are clear text from you to the proxy, and then secure from the proxy to the internet server. So, even if you are using safeweb (don't know exactly what it does), if you are using a proxy, your requests will most likely be sent to the proxy in clear text. And, they'll probably be logged.

A better way to get around corporate monitoring of browsing habits is to convert the IP address of the site you want to visit into a decimal number. That should confuse your typical admin enough. To convert:

• Get IP address (nslookup or www.dns411.com)
• Take the octets of the IP address (A.B.C.D) and plug into the following formula A*256^3 + B*256^2 + C*256 + D.
• Go to http://resultingdecimalnumber/

For www.safeweb.com it would be:

• 216.104.228.137
• 216*256^3 + 104*256^2 + 228*256 + 137
• 3630752905
• http://3630752905/ should work.

There's a web site that does this too, but I don't remember it. Just remember, beware the proxy and the person that owns the logs. If he/she has time and a grudge against you, he/she can find all kinds of stuff.

Re:Ya know,

[dachshund]

We don't come down against DeCSS just because it can be used for piracy; we should not come down on this because it can be used for snooping.

The difference is that we (the "Slashdot crowd") don't have the capability to declare things illegal. All we can do is make a lot of noise and hope the powers that be will consider our opposition before they head down a potentially abusive path.

If the MPAA had restricted its complaints about DeCSS to a few web pages and newspaper articles rather than heading to court to flex their newly purchased laws, I don't think we'd all be quite as annoyed with them.

It's a two way street.

[tycage]

Why is it when Napster gets told, your product can be abused, Slashdot is quick to say that the users who abuse the system should be punished, not the system.

But when piece of software like this is mentioned, Slashdot jumps all over it because it can be abused.

Shouldn't we keep the same standard here?

Sure the software can be abused. That doesn't mean it will be. And if it is, it should be handled on a case by case basis.

--Ty

Come on, this is a troll right?

[SIGFPE]

I mean the release of a new search engine is hardly news. And the tenous link to employee rights is just that...tenous. My employer can come to my PC and do windows->start->search any time they want. They can do it remotely using VNC. They can mount my local disk and do it remotely anyway. There's nothing new here except someone deliberately trying to put spin on an innocuous story to gain publicity.
--

Re:And..?

[Sc00ter]

While I agree with you on snooping on you at the work place. I don't agree with you about drug testing..

What I do on my own time is my business.. Of course, if I show up at work high or whatever, that's another thing. But as long as my performance is fine then they shouldn't be messing around with my personal life.

--

What!?

[zpengo]

This is getting absurd. It's a perfectly logical business solution, and hasn't anything to do with Big Brother.

Hey, did you hear that Windows has installed a "Find File" feature in windows so that my sister can spy on me?

Hey, did you hear that Google allows Government thugs to search my personal websites?

Hey, did you hear that flashlights a violation of our personal rights because they are being used to perform surveillance in previously dark corners of my garage?

Shut up already.

Re:It's THEIR equipment...

[_xeno_]

You've managed to inadvertantly hit onto something that really annoys me - the idea that if a programmer isn't writing code, he's not being productive.

and if they're getting it done in half the time, then spending the other half browsing porn and napstering, I'll want a goddamn good explanation

Well, I wouldn't be browsing porn or napstering, but I often read Slashdot after coding for a while. Why? What am I doing, reading Slashdot instead of working?!? ... Well, I'm trying to solve a problem. I've looked at the problem from one angle for long enough and now it's time to move on. It's not at all abnormal for me to come up with a solution to something after I've stopped actively working on it for a while.

In fact, generally speaking, if I were forced to be actively working on something every minute of an eight-hour day, my productivity would fall sharply. Many times I've spent an hour working on something, than left to do something else, and come back and looking at it fresh realized that instead of starting the variable with a "t" I meant to start it with an "r" - a stupid typo just wasted an hour of my time.

The bottom line is that computer programmers and network admins probably won't spend their entire day "working" - however, even when they're doing other "worthless" activities, their subconcious is still attacking something from earlier in the day, and when the programmer gets back to the task, they'll be far more productive than if forced to just pump out code all day.

--

What difference does it make?

[wrinkledshirt]

Who cares if it gets used as a snooping tool? Most workplaces have agreements that don't allow you to use work email for personal use anyway, so if you agree to those terms, isn't any means the employer uses to enforce it also fair game?

The computers, network, servers etc. all belong to them in the first place.

reasonable.

[regexp]

This seems perfectly reasonable to me, but since it's being done by corporations, it must be bad. Corporations are all evil. It's true--I read it on Slashdot®.

Has great possibilities...

[__aaahtg7394]

Having worked in small- to medium-sized companies, I've been a bit spoiled with regards to interpersonal communication. But occasionally it's hard to find out who on the team has written a spec, or who has the source code to a component (CVS, i know... don't ask), etc. This would be great for that -- you don't have to go desk-hopping or send a broadcast email to find out who has what, you can just search for it.

As far as privacy concerns, well, don't store private things on your work machine. The software theoretically allows you to set certain areas as unindexed, but i wouldn't trust it at all. Look at it this way: would you leave private things in your (unlockable) desk before going home at night? Your computer is just like that in this system--it's a desk you can't lock.

I carry a backpack around with me when i go to the office; it contains random personal things, they don't go in my desk. Personal data should be in a data backpack of some sort, if you bring it at all.

All in all, i think this has more positive potential than it does negative. When it comes to productivity vs privacy at the office, i'll take productivity at the office, so i can get to my privcay at home.

Corporate "Intrusion"

[Migelikor1]

This is one of those things that shouldn't bother you unless you're doing something wrong. An employee is hired to provide a specific service to a company. The company, under a capitalist system, tries to use the employee to earn money. The best way to do so is to have the employee providing their given service at peak efficiency. If that employee spends all day downloading prOn or trying to get first posts on /., the company should logically either pay the employee less, or punish them. Sure, it'll make work suck, but that's a fact of life. (Office Space, anyone?) If all employees were forced to work straight through their workday, they'd have mental breakdowns, and corporations would shorten the workday. In short, this is just a move by businesses to make more money, and if you already do good work, it won't effect you. If you don't work hard, it may force you to. If it's used to make unreasonable demands, productivity will fall, and business structure will change.

It's THEIR equipment...

[hyehye]

and you shouldn't be doing anything on it or with it that they would not approve of. Why is it that so many people tend to ignore/forget property rights? Monitoring a home user is evil, monitoring your employees is just smart. If I'm paying someone to do work, I want to know that they're doing it - and if they're getting it done in half the time, then spending the other half browsing porn and napstering, I'll want a goddamn good explanation. Either reward them for their efficiency, or give them more work to do (probably accompanied by a raise due to their heightened value to the company). Sheesh, guys - if it's not your box, and not your network pipes, then shut the fuck up and recognize the owner's rights to his own property.