Slashdot Mirror
Conspiring Against Your Employer? Watch What You Email
Eric Giguere writes "In a story that has Bay Street (the Canadian equivalent of Wall Street) in a kerfuffle, the Globe and Mail writes that bank employees defecting to set up a rival investment firm didn't realize that their employer could easily track the emails and messages they sent and received, even when they're sent via a nominally-secure system like RIM's BlackBerry. In particular, the employees were assuming that the messages they sent via direct PIN-to-PIN communication (a PIN uniquely identifies a BlackBerry device) weren't trackable. But if they're on the device, they're available to the employer to see. The employees may also have thought that PIN-to-PIN messages are encrypted, though RIM has always said that they're not -- it's only the connection to the corporate email server that is secure. A lot of damning information pulled from those emails and messages has made its way into a lawsuit."
Honestly now, any communication that passes through any computer controlled by your company can be seen. Even if they were encrypted, if, at any point they are EVER stored outside of volatile memory unencrypted, they're available.
If you're doing something with their resources like plotting against them... well...
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
www.gnupg.org
"A lot of people on the Street are going to have a few sleepless nights, going through loads of e-mail to delete them when they hear about this case"
Although an employer sometimes can go through the emails on your harddrive, I think what the people in this article don't realize is that it sounds like emails are being intercepted at the server level. Who is stupid enough to use company email to conspire against the company? Setup a freakin gmail account and talk about it at home!
Depends on how clued up the Techies are. Over here, they wouldn't even know I was on Slashdot...
They deserve what they get. How is that for repaying your employer? He writes you a check, puts bread on your table, and you pay him back by using his own property to steal his business. Ridiculous.
Loyalty used to mean something in this country. I guess loyalty has gone the same way as traditional family values and faith in God.
Things are going to have to change, people.
Steve
I can't believe that this isn't even common sense for a lot of people.
People are either getting dumber, or too trustful - either way, one is a sure sign of another.
I'm sorry, but I feel no pity for people being caught this way. Its very clear when you start working somewhere that the computers you use are the property of the employer, and you should expect no privacy from these machines. They used company owned BlackBerries because they thought it would be secret (implying that they knew other company computers were not). If you use something company owned because you think it is secure, while other company propery is not secure, it just shows you dumb enough to be caught. If they were so concerned about their privacy, they should not have used any company property.
You'd think somebody trying to commit corporate espionage would be smarter wouldn't you? I mean, communication is a two party interaction, you'd think the coporation on the receiving end would provide a slightly more secure method for communication, if they were looking for secrecy :p
There are lives at stake here!
Thunderbird + Enigmail
gaim + gaim-encryption
or use gpg or equivalent.
If you're sending messages that could be harmful to yourself unencryptedly, its your own fault. Especially if its at work and you know they are spying on you.
The GeekNights podcast is going strong. Listen!
Think twice before posting shit Above Average Nerds on fucking slashdot already know!
Can we please add 'kerfuffle' to the profanity filter. I don't find it profane, but I would prefer to see !#%$@#$#!@ instead.
If i am sending anything personal I do it through my webmail that has SSL, why would I want my employer knowing what I am saying on off business or to my g/f?
basic fact is, he deserved to be caught for being a moron.
The really shameful thing (aside from working on company time to screw your employer) is that these people didn't know this already. Looking at the list of those being sued, I see IT people who should have known better. Perhaps the company would have punished them more effectively by letting them go form their own company without understanding the basics of ethics, law (including allegedly trying to steal customer databases), or security.
Behold the riant ape! Beware, his crooked thumbs!
"Many of the e-mails revealed in the CIBC court documents offer an embarrassing portrait of greed and corporate rebellion, with executives boasting about the "tons of moula" they would make by moving to Genuity.
I guess it turns out, greed and stupidity don't mix.
"A man is but the product of his thoughts what he thinks, he becomes." -Mahatma Gandhi
I thought it was already pretty clear that if you work for someone and use their messaging systems, whatever you right is fair game for them?
What kind of moron sends questionable e-mails relating to plans to start a competing company through his employer's e-mail server!? You might as well print your entire plan and leave it sitting on the personal printer of the C*O. There are hundreds of free online e-mail systems, and GMail even allows connections over https, which makes the communication between the browser and the mail server less prone to snooping. Better yet, don't even do it from work! It's just . . . astounding . . . how stupid some people are.
Do not touch -Willie
These people are in charge of your money, folks.
They are idiots for two reasons.
First, because they clearly acted unethically, which is the really big idiocy. I run my own company and rule number one is due diligence. I am not going to screw myself by doing something that could bite me in the ass further down the line.
It's astonishing how many investment guys simply don't get this. I have literally had my own investment guy sit there and tell me that a particular investment 'cannot lose', in the presence of his lawyer -- who looked very uncomfortable and was forced to intervene by saying "Look, you cannot say that".
Second, anyone who uses unencrypted email on a server they do no control, ESPECIALLY if it belongs to someone they are screwing, deserves to spend the rest of their productive years flipping burgers, or possibly stamping licence plates.
I'm not wrong. You haven't thought about it hard enough.
Congratulate yourself you self-centered comment-addicted scum-sucking slashdot nerd for posting shit everyone already knows!
...but what the hell is a "kerfuffle"?
my prior employer had a system to track call destinations and keep tabs on long-D. i think they had the ability to log phone conversations too... or was I just trippin'?
You're so fired.
Investment firms must catologue all emails for compliance and SEC inspection, in fact they must be kept for years. All transmitions including company issued handheld devices are monitored by this automated system at most firms. So if their canadian counterparts have to do similar things this is to be expected and they have a record of all of your emails for years probably.
From Merrian-Webster Online...
Etymology: alteration of earfuffle, from Scots ear- (probably from Scottish Gaelic cearr "to place one's penis", awkward) + fuffle to "into another's ear".
People will say the darndest things over IM clients...
.. I was laughing over that one for weeks.
"I want to probe your cavern" I mean come on
** everything you do on my network will be monitored and laughed at **
Anyone who refers to money as moula is not getting their hands on my moula.
Blackberrys do support SMIME... you just have to buy the $10000 BES (BlackBerry Exhange Server) and commit to using yukky MS exhange.
Comment removed based on user account deletion
Now, you really have to be an ass if you try to fsck with the hand that's feeding you. And we are talking about people making tons of money anyways !
How so? Even breaking major laws seems to pay pretty good. Michael Milken didn't die in prison, he's not living in a card board box.
The only one who's significantly lost out recently is Martha Stewart who's down, aww heck, let's call it an even billion.
Lying, cheating on taxes, outright stealing are par for the course now. Hell, they can't even take your multi-million dollar mansion away from you. The corruption and graft are the harvest of sophistry that exists everywhere.
Loyalty still means something, but it may not be what you think it means.
Look, these people were dumb, that much can be argued. They were dumb for using a monitored service to do this, and they were dumb for (ostensibly) stealing their company's resources for the purpose of setting up a competitor.
However, you need to decouple this from the loyalty argument. The loyalty you need to have is not to your company any more. Are they loyal to you if business turns sour and they have to start slashing the payroll? Hell no. The corporate sinecure is dead. "Ma" Bell doesn't evince the image of a benevolent mother any more.
The kind of loyalty you should have is to your projects, to your work, to you as an individual and to your Rolodex (or electronic equivalent.)
If you live every day as if you might be laid off, working on projects that will escalate your worth and making sure that lots and lots of people know what kind of value you contribute, then you'll be better off; your customers (those who are the beneficiaries of your projects) will be better off, and your company will be better off.
And if things should turn sour, then you shrug your shoulders, get your Rolodex out and start calling.
So instead of "Logo Loyalty" you should cultivate "Rolodex Loyalty" (thanks, Tom Peters.)
Mit der Dummheit kämpfen Götter selbst vergebens.
I've had enough of this shit, you're all fucking fired.
sorry, but if i was trying to pull a fast one on my current place of employment (or otherwise rip someone off, or carry out some kind of espionage), i'd be a total fool to think any existing comms channels were secure -- /without/ having put in my own layer of encryption, to which only i have the key/passphrase.
install gpg, or worse than nothing, use s/mime - but if you need to ensure privacy, you need to have (put) your own privacy layer in place.
(it's no good hoping and relying on magic pixies)
Rule #0: If you're planning on screwing over your employer (an ethical conundrum all by itself), try not to use the employers resources to do so.
That means: keep the bits off their infrastructure. ALL of it.
"Draco dormiens nunquam titillandus."
It is quite silly to think that Email is secure in today's day and age, however what none of these bankers considered was using ssh and then say something like silc to have a secure conversation. Most large institutions with RIM have the BES and thus using ssh is an option. which is certainly more secure than email, but is it totally secure? Or still prone to eavesdropping?
I encrypt my mails in ROT-26.
People used to think I was an idiot IT schlep because of my harsh IT Security policies. Now they just think I'm a dick after 1 incident, and watch what they do because they know I'm watching:
Putting a bumper sticker on my car (from thinkgeek) that reads: "I READ YOUR EMAIL"
All that cutesy forwarded forwarded forwarded forwarded crap stopped in its tracks. Problem solved. What they don't know, however, is that every email sent and received is archived for legal reasons, per the Big Boss' instructions.
That said, if you're going to go behind your employer's back, do it from home, not from within the company, and especially not from company issued equipment. Common sense, really.
To use a cliché, I'd be rich if I had a nickel for every time I've seen an employee frantically clear his or her browser cache or send an email then delete it from the sent items folder. Surprise! The device on your desktop is not the center of the universe! Maybe abiding by policies and staying away from any shady dealings is a better way to cover your ass.
They shouldn't be RIMming on company time...
I don't think "hey, let's blow this popsicle stand and take all of its business with it" qualifies as "protected concerted activity" under the act, even if it had occurred within the US NLRB's jurisdiction.
However, don't let this dissuade you from working together to improve your workplace under the protections of Section 7. You should, however, try to avoid using company-owned computer systems for obvious reasons. (They own them, they can read whatever they want on them, you have no expectation of privacy on them.)
(Really all there is to say)
. there used to be a sig here.....
Dinna fash yersel ower muckle.
One line blog. I hear that they're called Twitters now.
This exact thing, getting caught in a conspiracy to leave the company, happened to my boss and a coworker. I was working away, and they were both told to clear out thier desks, and I was then called into the HR office. I was told that my boss and co-worker sent emails back and forth on company machines that said things like "we are going to rip these morons off so bad". They actually discussed inviting me and a secrty. to join the company they were going to start up, but decided to not take because I would not go along. They also defraued the compny by faking orders and ended up in criminal cout last I heard. the fired boss was the one who hired me, and the atmosphere was poisioned and I eneded up getting canned myself a few months later, but with a nice severance package.
http://www.geocities.com/sethseekstruth/great_out
In reading the replies to this post it is clear there are two camps. One which says they were stupid to get caught and the other that has no pity.
Remember, these turncoats gladly accepted a pay cheque to be a representative of their company. Their actions could cause the company to lay off people, perhaps you if it causes financial harm.
I for one would not look forward to calling one of these turncoats a friend. It would only be a mater of time before they framed me for their own gain.
Let these turkeys fry
Heh. Most people don't know how email works at all - they somehow think their password protects people from snooping in.
Speaking of which, GnuPG is at 1.4.0 now. For Windows users, GPGShell is a good (closed-source) frontend for it.
good job on training the company's web-filters.
Obligatory South Park quote:
Cartman's Mom "Oh, a Rim Job is when you put your legs behind your head and someone licks your ass!"
The Darwin awards after these people. I just finished working on a small investigation of some county employees in a North East state who were doing some funky business, and man, they said just the most damning things in regular email! Things like, "The systems has flaws, and we circumvent it all the time." No joke. They do get what they deserve. Using a black-berry?! Jesus!
Duh...didn't they know about telepathy? It is much more secure--you can get training here: http://www.silvaultramindsystem.com/main.php?sr=1& ct=19
:D
Telepathy slashdotted
You post information on a public forum? without IP protection? without compensation?
...
Damned commies
Exceptions abound, but the prevailing mindset in the world of finance is "How do I best screw the suckers out of their money?"
The naive emails were being exchanged for the purpose of starting an investment company! would you give a nickle to a banker or broker who was that clueless?
it would cost the employer less to take out an add in the financial section pointing out that the upstart company was demonstrably dishonest and joining a competitive race with its intellectual pants down around its ankles than it would to sue the dummies.
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Heh. "Nominally secure" is right.
I work in the software security biz, and very few places ever take security seriously. To do it right is counterproductive to slapping a product together and shoving it out the door - which is what the Venture Capitalists want. Screw everything but selling the snake-oil to the public is the attitude of all the VC's these days. They want to take their money and run; let someone else clean up the mess they leave behind, if that's possible (it seldom happens).
And this attitude is prevelent at nearly every, if not every, startup now. This doesn't just apply to the Blackberry-type devices either. Closed-source firewalls come to mind as well. And I could go on.
Compounding that is the number of "security experts" out there who don't know what they are doing. They just slap a canned approach onto something, without knowing how things work. IF you are lucky, such engineers MIGHT have heard of, say, "buffer overflows". But they sure don't deal with it in their code.
I remember one guy who was amazed by what OpenSSL could do - and that it was free. He'd never heard of it before. And he was the chief security person for a new financial product which absolutely required security.
This is one of the reasons why I only trust Open Source products. You can't cover up the cluelessness and incompetence which usually goes on with closed source products like the Blackberry.
Pardon my rant. And I know I'm preaching to the choir here. But I just had to say that. The software biz is selling snake-oil to the public; and it's only been getting worse lately.
Sheez, 60 bucks a month or something like that. Cheap insurance.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
When you're working for a company, you should work for the company. You're collecting their paycheck, so behave like a professional.
If you want to set up your own company, do it on your time with your own resources. You own them at least that.
Do people have less integrity than in past generations? I'm not sure. I think malfeasance is better publicized than before (eg, this forum).
And in Canada, "family values" has never been used much. "Canadian values" is more common, but is often used by parties on the left to suggest that if you're not socialist you're being unpatriotic.
In Canada they say "eh", not "duh."
It's friggin' PIM!!! PIM!!! GODDAMN IT!
Personal Information Manager
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
I just started my own company, directly competing with my previous employer. I spent nearly eight months on their payroll while I began up my own business and sought projects of my own. Here's what I learned:
1. Don't stab anyone in the back (burned bridges, insert your favorite cliche). It can come back to hurt you.
2. Don't give your bosses a reason to be unhappy with you. Work just as hard - or harder. If you're valuable to the company, leaving them will be more painful (and can produce a more profitable situation for you).
3. Encrypt every email, instant message, and web transaction that deals with your activities. Don't assume anything is safe unless you're actively doing something to ensure its security or you can verify it easily (SSL, for instance).
4. Regularly scan your machine for viruses and spyware. Use a packet sniffer to see if you're sending anything unexpected. Look through your machine to see if there are programs installed that shouldn't be there... is your company spying on you?
5. Don't use their phones. Upgrade your damn cell plan and use that.
6. Take advantage of non-company resources for communication and whatnot. Find a decent webmail provider with SSL enabled.
7. Make sure any contract or agreement you signed isn't going to come back to bite you. If you signed a non-compete agreement or whatever, don't assume it's invalid or that they won't pursue it. See a lawyer BEFORE you have legal troubles in this area.
As others have complained, there are loyalty problems in this country. I used to love my job, love my work, and love the company. Some things changed, and while I still love the work I no longer enjoyed anything about the company. Many attempts to change it from within failed. When your boss is taking advantage of you, you need to re-evaluate. When you're stuck in a dead-end, you need to re-evaluate. When you get the line, "if you don't like it, then find somewhere else to work," the time for re-evaluation has passed and it's time to end that part of your life.
Employers aren't loyal to employees any more than we are to them. I heard stories of pre-1980s-boom-and-crash Japan, where a failing company's president would give everything he had back into the company to keep it going as long as possible...and if it wouldn't work, he'd split the cash from his shares, pay, etc. among the employees. This was in return for the lifetime loyalty you gave to the company.
On the other hand, our (Western) society seems to be fixated on getting the cheapest product and not caring about quality. Most people shop at WalMart (I don't) and then we're surprised when WalMart is the 800 pound gorilla and starts flexing its muscle with its suppliers and basically forcing them to outsource.
Lol, this is a common trick done by investment banking types ... it's just amusing that they have not enough consideration to use ssl-based (web)email to communicate outside their corporate masters control.
fools. they deserve the thrashing they get.
for all you merciless lawn-n-order tools out there screaming how "How dare They!!!!" it's important to remember that your employer actually does not own you, assuming of course you're not a real-life slave. Em-ploy-ees and I emphasize that to drive home the point that they are Employees, as opposed to Partners do in fact...
/. fuckwits who are stealing....no Raping your sacred Employers while you twaddle away on this board.
Now I know this is gonna send some of you Radical Republicans over the edge.....
Have a Right, to leave and form another company or collect sea shells or any other damn thing.
Dat's right Massr Jim, We done gwin Freed by dat Mister Lincoln.
so really what you're arguing about is, I guess that they had the temerity to negotiate a separate business deal during business hours.
OMG! Somebody call the Productivity Police.
In fact let's lock up all you
Or, you can shut the fuck up and tend to your fucking looms.
I have a web server that I also use as an SMTP relay for all my email addresses. That way there isn't any chance for someone to log the mail I send. This is a good setup if you know what you are doing and make sure to secure it against spammers.
If I wanted to send a secure communication to some body the very last device I would use is a computer especially one that I didn't build myself.
If it's not logged on your companies servers, it's logged by your ISPs servers, numerous intermediate servers, Echelon, Carnivore etc. etc. and ALL encryption is defeatable (the only difference being how much effort is required). In fact I fully expect that even quantum cryptography will be defeatable once it becomes used "in the field".
The only way to stealthily communicate is to use a completely open totally noticable system that, to the onlooker, seems like average speech. In other words:
"Hey do you like the new retardz (tm) movie ?",
"No it sucks"
translates to
"Oh great master shall we kill them all now ?",
"No we await a later date as I'm wearing my best suit today".
The idiots got what they desrved.
Sky subscribers are morons. They pay to be advertised at !
My employer found out that I had used internet 30 minutes for private purposes.
Next day I left.
Suckas.
I have put my own harddrive in my laptop. When I leave my job for a new employer (which is forthcoming), I will take my harddrive with me.
Ofcourse I will format it...
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
9 letters.
C-Y-B-E-R-C-A-F-E.
I think there is some misunderstanding here - on either my part or the article author's.
My understanding is that BlackBerry PIN messages are not stored on the company's BlackBerry Enterprise Server (BES) at any point - they are network 'peer to peer' messages. As such, they bypass the BES and go directly between devices.
For a company to read PIN messages, either the sender or the receiver's BlackBerry would need to be physically examined. The other scenario I was thinking of is that the desktop software was set to do a backup of the BlackBerry when it was synced and the backup was examined.
Any BlackBerry experts able to shed any light on this? PIN messaging is very commonly used for 'private' messages and therefore a breach in its 'security' would be devastating to the dedicated users of it.
So all the guys make 150k, and the only lady makes 60k. They all started around the same date, and are all partners.
Man, I'd NEVER let the company that i work for find out what i was doing online. I always do all my web browsing through an SSH tunnel so nobody can ever trace me.
This communication contains information that is confidential and protected from disclosure and the properity of Microsoft Research Division 4, building 2, office 305. Any review, dissemination or use of this transmission or its contents by persons or unauthorized employees of the intended organisations is strictly prohibited.
Loyalty used to mean something in this country. I guess loyalty has gone the same way as traditional family values and faith in God.
Yup. Sadly, man has a long history of betraying his benefactors.
Example: colonists who owed everything to king and country -- yet they threw all that tea in Boston Harbor. And what followed was worse. Ingrates!
-kgj
-kgj
Employees need to wake up; this type of surveillance is only the tip of the iceberg. If you're interested in learning more, I wrote a book that was published last year by Amacom. The title is The Naked Employee: How Technology Is Compromising Workplace Privacy. I cover everything from background checks to DNA analysis. Particular attention is paid to various types of electronic surveillance, including software, video, and now GPS. Coming to a forearm near you: RFIDs. The book is most readily available on Amazon. For additional info, please visit my website: http://www.fredericklane.com/. Thanks.
Did anyone notice that in one of the quoted emails, they had a list of starting salaries and starting shares for the new company?
There were 8 employees of this new company -- 7 men, 1 woman. All were labeled "Partner."
There were 7 people with salaries of $150,000, and 1 person with a salary of $60,000. Guess who was who.
Without knowing more of the specifics of each person's qualification, I find an interesting that another "Partner" has just 1/40th of the shares of many of the partners and just over 1/3rd the salary.
Gender discrimination is alive and well in Canada.
I thought it was a law that all publically traded companies had to maintain records of their communications, incase said materials need to be indicted. Anyway, you have to assume that for most companies (public or not) it is really easy for them to monitor internal communications. My employer even goes as far as to have a notice popup on every computer every time someone logs in. Seems like common sense not to talk about such things using communication methods provided by the entity you are saying things about.
SIGFAULT
...as where I live (France), email is still (maybe not for long) considered as private, even within a company. (Or at least it was last time I checked). ie: in a nearby school, some techies were sued for reading email of a student, as email has the same privacy status as snail mail. Good thing to know this doesn't apply in Canada or the US, which I thought it would!
I know for a fact that in the Netherlands (where i live) it's illegal to 'spy' on your users
Sounds more progressive than in the U.S.
While our founding fathers recognized the abuses that were possible from a powerful government and put safeguards into our constitution to protect us from the kinds of abuses they could see in the 18th century, they did not foresee the rise of corporate power in America. In the U.S. there is no inherent right to privacy except as interpreted through the protection against unreasonable search and seizure. A private contract of employment will typically permit the employer to do drug-testings, credit checks, interviews with people you know, etc. You can always choose to not work for that employer, but with a special skill and few potential employers most people choose to swallow their pride in order to eat.
Without such protections against powerful private entities, we pretty much fall back on the a legal system that guarantees specific rights of property holders from the feudal era. Monitoring, everywhere, everyway, everytime is growing in most U.S. workplaces, aided by most people's ignorance of just how widespread it is.
The U.K. has pretty intrusive government monitoring of public places using video cameras that would unnerve me if it became more commonplace in the U.S.
There was a case a few years ago where a former and disgruntled Intel employee posted an email to all his co-workers that Intel did not like. The court rulings were in favor of Intel IIRC. Replacing "Intel" with "federal government" would have probably put greater protection onto free speech in that case.
"Provided by the management for your protection."
Microsoft ISA Server at least supports transparent SSL pass through.
That is, you are SSL'd to the proxy, and the proxy makes a new SSL connection outbound on your behalf. That means it gets what is in the middle.
You'd only catch wind of this if you were paying very close attention to certificates and what not.
My opinions are my own, and do not necessarily represent those of my employer.
My wife works at Fidelity. We are pretty sure the email, IM and browsing is monitored/logged. Less clear that phones are monitored but we still avoid personal business via phone conversations at work. You wind up having these wierd conversations like "yes, uh, that item we discussed this morning...its moving too fast in the wrong lane and we should find an exit or a prime rest stop"
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Check out page 2 of the article, where one of the incriminating emails lists projected salaries and stock options for each of the "partners" in the new company.
They all have the position "partner", but Andrea Horan gets a 60K salary and 50 units while the others all get 150K and from 400 - 4000 units.
Ouch. I'll bet she was pleased to read that in the news.
She's also the only woman on the list... not to jump to conclusions w/o knowing the details, but double-ouch.
America is a continent. Named after Amerigo Vespucci, latinized to Americus Vespucius, a cartographer. The name of the country laying south of Canada is United States of America (U.S.A.). The name of the country lying south of the U.S.A. is United States of México (Estados Unidos Mexicanos). When you say American, you could be refering to a citizen of any of the countries between Canada and the southmost tip of Chile, including several islands. When you say United States, you could be refering to any country in the world that is constituted as a federation of states. But I would not expect much geographical accuracy from a people that fail to identify their country in an unmarked world map more than 3 fourths of the time.
I wouldn't post anything negative using my work computer, even if I was using my outside Yahoo! mail account. Even if it's on an outside account or on Slashdot, the page is going through the company proxy server.
So, since this is going out on the company proxy, for anyone at corporate: I love working here! This place is awesome! My managers rock!
It's good to use your head, but not as a battering ram.
Is that Lincoln was the first Republican president.
Some of us Republicans (unlike other Republicans and most Democrats) still hold to those ideals.
My wife has always been paranoid about her privately held company's e-mail policies. She warns me about sending lewd e-mails to her at work. I shouldn't waste the time to do it anyway, I guess, seeing as it doesn't get me any at home.
Seriously, though, as an assistant manager, she was asked to go into two employees' e-mail accounts and print out profane e-mail exchanges between the two guys. Just two 'tards being stupid on e-mail. The idiots were behavior problems for her branch regardless of their e-mail conversations. She used the e-mails, however, to help her manager write up the documentation for the termination of the two employees.
This is serious stuff, though, and the company does have a right to control the content going across its network and e-mail system. The idiots form the story cited got what they deserved, to some degree. Not to mention that they saved a lot of potential investors the hassle of doing business with them.
Why? Would YOU invest in their new spinoff company if you knew they were dumb enough to get caught using corporate e-mail like they did? Uh...no.
IronChefMorimoto
Wait a sec, *I'm* the email admin at my company! And I *can* read everyone's email! Tee hee!!
Comon, this is /., I think everyone here knows how "secure" their work PC's are...
They're bankers not techies. Worked for a bank a few years back... good bankers don't think well - or they don't last long.
If the Canadian securities regulations are anything like the SEC and the NASD, then everything is captured, analyzed, reported, and acrchived. Check out Assentor for an example of the software. That's what we used at the brokerage I used to work for. Everyone knew that everything was monitored.
perhaps, as it states in the article, she was the DBA, while all of the others were investment bankers and executives. Jumping to conclusions is alive and well on /.
You don't need to snag the PIN-to-PIN communications out of the air all you have to do is look at the backup copy of the PDA on the dumbass' PC.
I chatted with an engineer at RIM about this issue. I was told that PIN is secure from being monitored even if attached to a BES. The company would have had to install a backgroun application that monitored for incomming / outgoing pins and forward them onto centralized server.
You really talking about the same country that outlawed crypto?
And they smell bad.
I might also call them ugly, but that would be cruel.
- Yndrd1984
All that it takes to claim persecution of a group is to show another group that is against them. Note that the term "persecuted" does not indicate quantity.
Cna you honestly say there are no groups in America that do not dislike Christians?
If there were no other discrimination against blacks, the existance of the KK alone would be enough for me to proclaim blacks as a group were persecuted.
Also, I don't think you can really claim companies closing for Christmas as an example of widepsread support for christianity any more than you can claim all the companies closed for Thanksgiving indicates widespread support for pilgrims. Holidays are just holidays any more, original meaning has been lost for most of them and companies give time off becauase people expect it and will balk if they do not get it. Even a company run by an athiest would give time off for employees around Christmas, wouldn't you say?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Without digging through court documents, my guess is they didn't "break" PIN to PIN. I'm guessing they simply accessed the backup file, created by the desktop software, of the device. PIN messages are stored in the message store, and if the message store is backed up, they're backed up with it. The backup is stored in CLEAR TEXT. As far as I've seen, there's no way of encrypting, even trivially, the backup file via the destkop software.
The truth about Scientology, Xenu, and you: Operation Clambake
With regard to non-compete agreements, how do they work if the employer has hired someone half-time? Let's say a company hired me for 20 hours a week and had me sign a doc that said that they owned any intellectual property I created during the course of my employment. Does this mean they own all the work I'm doing for other companies during the rest of my time? I ran into this situation last year and the company's HR department said the form wouldn't be interpreted that way. I disagreed. Anyone else have an opinion?
-- SYS 64738 --
The SEC requires firms involved in trading, commodities and investment banking to keep a record of all communications. Assentor is a popular cataloguing package that handles compliance and looking at the old email.
Employers cannot place hidden cameras without telling employees. The courts already settled this for the most part. Just because it is company property does not automatically give them the right to snoop without warning. If a company wants to intercept messages and phone calls, it should provide direct advanced warning that it may do such. (I don't mean every incident has to be warned about, but the practice.)
Table-ized A.I.
Do moderators operate on fuzzy feelings or something?
"Things are going to have to change". LOL! ROFL!
Guess what buddy, things are changing. And the jobs are not coming back!
Interestingly enough, I work at a company where if we keep too much information it can be used against us and we are fined. So we dump data as soon as leagally possible.
Along those same lines, several lawsuites have been settled out of court because the cost of retrieving court ordered data off of old tapes/systems has been higher than the cost of the actual suit.
hack a day
you're a fucking idiot dude! a real fucking idiot.
your neural network is fucked up. you're unable to parse sentences from context.
i'm glad you're not my collegue or i would fuck you over at every opportunity. just because. for fun.
Shee, they should have picked a more secure medium, like sticking cleartext notes on the back of the boss' jacket.
in the US you're protected by Section 7 of the National Labor Relations Act
This case is about Canadian employees of a Canadian company. What do their laws say about it?
Dogma - "let's just say we'd like to avoid any empirical entanglements."
Don't talk about Fight Club.
Really, how stupid can you be? Planning a competing venture on your company's systems (and their time)? Meet corporate darwinism. If you're too stupid to figure that one out, then maybe you shouldn't be managing other people's money.
God didn't kill 150k people. A tsunami did.
What makes you think God will intervene?
Guess what, the Christian books are all so much paper infested with human thought.
The fact that you've bought into the idea that a book written by humans has anything to do with God implies you're unable to think for yourself.
You're a sheep, no different than the Christians.
I was on a short gig somewhere and needed email access to keep in touch, but webmail was blocked by the firewall. I didn't want to use my client's email as it was such a short gig (7 weeks). I just then discovered that although http:gmail was blocked, https:gmail wasn't. The problem is that the signon took me to a non https page which was then blocked, I just changed the protocol prefix to https and it carried on working with a secure link.
See my journal, I write things there
The only expectation of privacy I have is what goes through my head - and even that is suspect...
Lodragan Draoidh
The more you explain it, the more I don't understand it. - Mark Twain
would you give a nickle to a banker or broker who was that clueless?
Not intentionally but we probably all have at one point or another. You probably see it at your own company; marketing makes most companies look more competent than its employees really are most of the time. While things often work out, I know my limitations and I'm frequently astonished at how naive or unskilled some of my co-workers are. I'm sure we've all conducted financial transactions with individuals of dubious intellectual prowess.
While I agree these guys were stupid, or at leave profoundly naive, bankers are not techies either. I know a lot of bankers personally (I have a business as well as an engineering degree) and most of them are pretty smart people. They can dissect financial statements and often are excellent users of spreadsheets and/or databases. But they don't generally know how technologies, including email, work underneath, nor are they interested.
While they should not have assumed their communications were secure, I'm not surprised they made this mistake either. After all, email *seems* secure at first glance to most people. Sure the folks reading this know it's not but I've pointed out to many people I know just how insecure and potentially incriminating email is and I frequently get surprised reactions. (That is when they don't think I'm a paranoid looney.) The appearance of security fools an awful lot of people and I think these guys genuinely thought they were safe. Dumb, but understandable.
The e-mails posted in the article contain to/from e-mail addresses. If these messages were sent PIN-to-PIN, they would show the device's PIN and not an e-mail address.
Also, how can anyone be sure these e-mails are real?
And the last rule... don't let your boss find out you are reading Conspiring Against Your Employer on Slashdot. A bad combination, indeed.
Honk if you're horny.
Totally agree. If a corporation doesn't have what you call loyalty, maybe they should treat people better. It's the global economy, man. Every man for himself. They should be more competitive.
These are not slavery relationships or some sort of odd military employment relationship.
I work at a place where one manager brags about the military experience he had (he's not in the military any more, I guess it wasn't so great) and how he's used to being unquestioned. Meanwhile he's probably the most useless person constantly making bad technical decisions we have to cover up. He would have no qualms about assigning a fall guy.
Loyality? Nope, corporations are just buying your time. Nothing more. Ass time frequently where you are just supposed to sit on your ass and not question things. You are not an owner, up for raking in the fruits of your labor, frequently not a managers with high bonuses. It's ass time. If you have a great idea to get a piece of the pie for your own business, go for it. A lot of times employees get to the point of leaving and creating their own deals and businesses because their ideas or success was not allowed where they work -- or if they did, they would not get a fair cut of the profits.
After all, when the profits roll in, they dole it out to the upper cronies, and remind you were a pion hired for ass time only. Oh, and here is your outsourced pink slip, you should understand, it's a global economy.
This case was in Canada.
you know what their laws say, that's what this story is about. but the slashdot posting included a general admonition which apparently doesn't necessarily apply in the US... everybody else is moving the discussion forward, WTF with you?
I know that there are /. readers in all different countries out there. I noted twice in my comment that the NLRB only has jurisdiction in the US, so that readers saw what happened in Canada and wouldn't think that the same result would happen in the US.
That is a logical extension of the conversation of the original post: comparing different legal results based on which jurisdiction you're in.
It's entirely possible that the overall body of labor law is such that there's an analagous agency in Canada just like the NLRB - in either case, it's completely relevant to talk about the result of the same set of facts in different countries.
Your post is like saying that because the Red Sox won the World Series, to talk about the Cubs is irrelevant.
Oh, wait...
A lot of people are pointing out how dumb these people are.
But I feel this points to a broader issue. If ordinary people still have an assumption of privacy in their email communications, even after all this time, it's a strong indicator that such communications should be more protected. Perhaps corporations should only have access to recorded communications under court order, just as anyone else. This should be doubly true of emails originating outside the corporation.
I understand the argument "but it's their servers!" and "they're paying you" - but suppose all the telecom companies got together and decided that they'd all put a clause in their service contracts saying they reserve the right to view your emails, record your phone conversations, etc. After all, you're using their servers, and in order to use their services, you'd have to have agreed to their terms. Legal I suppose - but is it desirable?
Yes exactly! I am an American. An American born in Canada and have nothing to do with the United States of America except that I have been there a few times in my life. Not only that but my girlfriend has a an American friend the was born in the American country of Mexico. Also this reminds me of high school! A football team from the USA came to Toronto (And to Canada's Wonderland) and still thought they were in the USA! I almost peed my pants laughing.
It raises the obvious question, how can I trust people like this to handle my money?
But depending on what state you work in, there may be statutory limits on what agreements you are able to sign away (so it won't depend on either your or their interpretation, but the limits of the law). For example, in california...
;^)
Sec. 2870. Employment agreements; assignment of rights
a. Any provision in an employment agreement which provides that an employee shall assign, or offer to assign, any of his or her rights in an invention to his or her employer shall not apply to an invention that the employee developed entirely on his or her own time without using the employer's equipment, supplies, facilities, or trade secret information except for those inventions that either:
1. Relate at the time of the conception or reduction to practice of the invention to the employer's business, or actual or demonstrably anticipated research or development of the employer; or
2. Result from any work performed by the employee for the employer.
b. To the extent a provision is an employment agreement purports to require an employee to assign an invention otherwise excluded from being required to be assigned under subdivision (a), the provision is against the public policy of the state and is unenforceable.
But of course, things will get sticky if the "other" companies are competitors and even worse if one of them is your own company...
Most real lawyers would probably suggest that you request an explicit waiver for this from your employeer to protect yourself, but since IANAL, I'll say that unless you think there is some specific thing that you worked on that is potentially in conflict (or in the rare instance you are god's gift to mankind and everything you touch is gold), don't rock the boat, most people are quite over themselves on the importance of the intellectual property they create, yet most of the stuff out there is crap. You do the math.
Not everyone can live at the shores of lake w03Bg0n...
I make all of my evil plots in my underground base. Jeez, I donno my no one else does.
"1. Don't stab anyone in the back (burned bridges, insert your favorite cliche). It can come back to hurt you."
Marge: "Well, I suppose if this doesn't work out, you can always go back to the plant."
Homer: [chuckling] "Not the way I quit. Hoo-hoo."
False. A One-Time Pad (OTP) is provably secure from all encryption attacks.
A company I worked for was very paranoid and badly managed (so much so that 30+ other people left within the same six week period as I did). After we left, they installed video monitoring of every desk, door monitoring and other intrusions.
However, it turns out that before that, they had installed keystroke monitors, and used this to obtain passwords to private web-based email accounts. We found this out because one of the former employees was hit with a lawsuit with "evidence" from his private Yahoo email account. The suit was bogus and never went anywhere, but he still had to start a defense.
The answer is simple, do not use ANY form of communication that intersects with any of your employer's systems. Use separate private cell phones, private email on your home computers or private laptops (off your employer's network), and talk off site.
Not only is this the safe thing to do it is also the right thing to do. Even when your employer has proven themselves to be irredeemably unfair, and that you are right to leave and compete with them, that still doesn't make it right to use their resources to do so. Get your own.
"Sorry we lost all your money. We didn't realize that stocks could go *down*!"
UTF-8: There and Back Again
Date: 13 Jan 87 12:52:00 PST (Tuesday)
From: Schuster.Pasa@Xerox.COM
Subject: use of America for the USA
She's a DBA, not an investment banker... her "partnership" is a perk.
Did you sign one of those between all the HR forms? You probably did.
And yet, every day someone claims that every word out of a Christian's mouth is about their so-called complaints about religious persecution.
Christian Guy: Geez, these ants are really all over my trash can.
Athiest Guy: Fucking Christians! Always bitching about being picked on! YEEEEAAAAAARRRRGGGGGHHHHH!!!!1
And PS: not sure about your hardon with "80%" but the amount of real (practicing) Christians is probably 20% and if 80% of the US couldn't drink the President would last about 15 minutes outside the Whitehouse. I'd put the number at around 5% of the US has restriction on booze.
Hollow words will burn and hollow men will burn.
How is this a troll? If you think it's made up, click the link. RTFA. It's right there.
Actually, you're simply addressing yet another way in which the US and others see the world differently. In the US, there is absolutely no continent "America"; as all schoolchildren are taught, the continents are North America, South America, Africa, Europe, Asia, and Australia/Oceania /whatever, and Antarctica. Yes, the famous SEVEN continents you might have heard of. Anyway, it makes more sense to refer to Eurasia as one continent than America as one (since we finished the canal, North and South America aren't even connected anymore!)
Oddly, it doesn't ever include parent's "5 continents" theory":
"How many continents are on the earth?
A continent is one of several major land masses on the earth. There is no standard definition for the number of continents but you'll commonly find that the numbers six or seven are used. By most standards, there are a maximum of seven continents - Africa, Antarctica, Asia, Australia, Europe, North America, and South America. Most students in the U.S. are taught that there are seven continents.
In Europe, many students are taught about six continents, where North and South America is combined to form a single America. Thus, these six continents are Africa, America, Antarctica, Asia, Australia, and Europe.
Many geographers and scientists now refer to six continents, where Europe and Asia are combined (since they're one solid landmass). Thus, these six continents are Africa, Antarctica, Australia, Eurasia, North America, and South America."
Well, with plate techtonics, just wait a while and it'll sort itself out.
A group of people using their employer's equipment to discuss forming a competing company wonder why they got into trouble over it. Duh. I used to think people were stupid sometimes, but now I have evidence to prove it. You know, that's why people used to use pay phones, and why we have our own cell phones and personal e-mail accounts so the employer doesn't have access, control or ownership of the conversations or messages sent.
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
In the banking, stock, etc. businesses, many companies are required to both record and read their employees email. Here in the US, it applies to a variety of communications (telephone, email, snail-mail, even IM!), and is mandated by federal regulations. I don't know about Canada, but in these folks' world, they should have expected to be caught.