Slashdot Mirror

← Back to Stories (view on slashdot.org)

Instant Message, Instant Transcript

Posted by timothy on from the better-part-of-valor dept.

shams42 writes: "Although the internet has been far from private for some time now, it seems that public awareness and concern over this issue is mounting. This article at CNN discusses the issue of companies monitoring instant messages for cyberslacking or leaking company secrets. There is also the possibility of them being included as evidence in court cases."

11 of 330 comments (clear)

  1. Jabber + SSL by finkployd · · Score: 4, Insightful

    Jabber over SSL would solve this problem.

    Finkployd

  2. This kind of boss gets his own punishment by Provincialist · · Score: 3, Insightful
    I can see why a financial firm might decide it needs something like this, but in general if this sort of system is used in your workplace it's a symptom of far worse problems. If anyone, let alone a high-level manager or IT director, has the time to be concerned about, and then set up a monitoring system for, instant messaging, then the company is not receiving an adequate return on his salary. This monitoring software is the sort of ridiculous waste of resources for which any manager should be called on the carpet. As scores of others will observe, it is easily circumvented through client-side encryption. Companies that hire managers simultaneously so anal and so clueless are hauling around a lot of dead weight.

    Hopefully within a couple of years we'll get the cheerful news that these monitoring companies have gone belly-up.

    later,
    Jess

    --
    I am programmed for etiquette, not destruction!
  3. Companies have AUPs for a reason by Zeddicus_Z · · Score: 4, Insightful

    People think Instant Messages are like phone conversations - no record is kept, they can say pretty much what they like. People used to think the same about Corporate email too.

    Nearly every company today has an Internet Acceptable Use Policy. Said policy covers allowed surfing habits (work related only, etc), as well as appropriate email useage (no sexist jokes, spamming of jokes). Once companies realise that IM traffic is essentially the same as email, they will need to incorporate policy on usage into their existing AUP.

    Naturally there's privacy concerns here. People don't like their every word and action at work scruitinized. However, as Pamela Housley (director of compliance at Thomas Weisel Partners investment banking firm) said in the CNN article,'It's just easier to archive it all. I don't have the manpower to have somebody look at this all day long.' This will hold true in most cases.

    Most companies already archive all email sent/received by work accounts as a matter of course. However, that's not to say people actually read all those emails. They're there with the sole intent of keeping a record to cover the company's ass if something goes wrong - such as a client accusing an employee of doing something they were not asked to do. If said employee can turn around and say 'I was asked to do it via email, and HERE IT IS!', the company is fine.

    Face it - IM traffic sent/received at work will end up being logged as a matter of course. It has to if companies want to keep themselves out of a legal quagmire. However, just because your communication via IM is logged, doesn't mean someone is going to actually violate your privacy by reading it. In fact, most AUPs specifically prohibit the reading of another's work communications without the proper authorisation.

    Keep in mind that you're using work assets. Keep in mind that you can, and will, be held responsible for abuse of said assets. Stick to the AUP, and everything will be rosy.

    --
    Janie took my gun...
  4. Re:simple solution by Nonesuch · · Score: 5, Insightful
    IMHO, a 'good employer' does not bother to look unless the employee causes some other problem. The one case I had dealt with was related to using IRC from the office, and the abuser was fired that same day.

    I've not heard of an employer that monitors Port 22, and even if they did, it's encrypted so they can't pick up what you said.
    Every corporate site I have been at, will block port 22 outbound.
    Best program for this is PuTTY (assuming you use NT at work)
    If your employer is nosy enough to be sniffing your IM sessions, they are probably also nosy enough to install LanDesk and/or other software on the desktop for remote screen viewing, keystroke logging, etc.
    The whole thing assumes you are using *n?x at home and can run an SSH daemon on it.
    People that clueful generally have better things to do with their time than instant messaging.

    (Says the guy posting to slashdot in the middle of the night)

    --

    I do not deploy Linux. Ever.
  5. I still don't get this.... by Peridriga · · Score: 5, Insightful

    Privacy at the work place...

    You are in a building that you don't own..
    You are sitting in a chair that you don't own
    You are using a computer that you don't own
    You are using a network that you don't own
    You are using bandwidth that you don't own

    Why do you have any expectation of privacy?

    It's simply a given.... If I am talking on my cell phone in the middle of the IT department I have no expectation of privacy...
    If I am 'yelling' my conversations over the network why do I have expectation of privacy...

    If I want to chat personally or sell company secrets I will do it at my home where I DO have privacy... But, not at work

    1. Re:I still don't get this.... by The+Cat · · Score: 5, Insightful

      Why do you have any expectation of privacy?

      Because you're a human being with human rights. One of those rights is freedom of speech, and part of that freedom is the ability to control when, where and to whom to speak. The speech is what should be protected, not the company's stupid network.

      If they don't want to hire people, fine. Let them buy an M$ wizzzzzzzard to set up their databases and sit in meetings. But if they want hard-working, knowledgeable, imaginative people, then they are going to have to accept the fact that they are HUMAN BEINGS, not machines.

      Just because you're in a "building you don't own" doesn't mean you have to hand over control of your entire life to some middle-manager.

      People are people FIRST, then "employees." This "the company rules the universe" routine is getting REALLY fatiguing.

    2. Re:I still don't get this.... by The+Cat · · Score: 3, Insightful

      But these "contracts" are almost never written. They are decrees delivered from the raised dais of management, usually in the form of a memo.

      To expect to isolate someone from all "personal" conversations during the work day is an unjust exercise of control, basically for the sake of control. It really has next to nothing to do with the company or the work.

      It certainly doesn't give the employer the right to the contents of that conversation.

      For most of the people in this country, a job is a necessity. To withhold necessities from people in exchange for their abdication of their inalienable (an important word) rights is to offend those rights to the point of denying them altogether.

      No person, employer or otherwise, should be empowered, either by necessity or choice, to deny the basic rights of another person.

  6. Re:simple solution by bmetz · · Score: 3, Insightful

    I work for a very large computer company and I know for a fact they don't block ssh. I think that if you go to the big computer companies they know their employees are very adept at these things. I could tunnel SSH through DNS if I needed to -- so why even bother getting in my way.

    Also, I don't know how the we're-too-cool-for-IM crowd is doing things but in MY software team our internal IM client is very essential for development collaboration. Unless you live in your own little world never speaking to anyone it's a very major tool for tracking people down to ask questions/fix bugs/etc.

    --
    What did you eat today? http://www.atetoday.com/
  7. Re:Why? by The+Cat · · Score: 3, Insightful

    No. Mainly because nine times out of ten, management hasn't the foggiest idea what is going on from day to day. Oh sure, every once in a while there's some frantically organized flailing "initiative" complete with an announcement at an all-hands meeting, but by and large, management doesn't understand a single detail of the work in most companies.

    Then everyone gets laid off. Welcome to the workplace.

  8. Re:simple solution by Stiletto · · Score: 4, Insightful


    That's a slippery slope...

    You might expect employees to clock in in the morning, think and do nothing but work, have no stray thoughts, don't get up to eat, drink, or talk, and then clock out at night, without any second wasted... It's called a robot. Look in to hiring one instead of a human being.

    I don't think I've ever met a collegue that could perform up to that standard.

    You need distractions every once in a while to maintain your creativity.

  9. Re:Ah yes by ryanvm · · Score: 5, Insightful

    If it isn't company business, PAYCHECK OR NOT, it isn't company business. Period. People should be given the freedom to be people before corporate drones.

    Who are you, Bodhi from Point Blank?

    No one forces you to take a job. When you do, you engage in a contract with your employer. It says I will provide X amount of hours of labor for X amount of wages. If you are fucking off chatting with your warez buddies on AIM, than you are not fulfilling your end of the bargain. You are ripping off your employer. Period.

    If I pay someone to dig holes for me for 1 hour, then I am entitled stand beside him and make sure he digs for that hour. Even moreso if he's using my shovel. Why do you think that because you work with computer equipment that you are special? It's the same thing.

    Excuse me, but why is the workplace exempt from a person's inalienable rights?

    I don't think you understand. You do not have an inalienable right to use other people's equipment to chat on the Internet. If you want to do that - do it at home, where you pay for it.