Slashdot Mirror
Surveillance Story Turns Into a Warning About Employer Monitoring
rtfa-troll writes "The story from yesterday about the Feds monitoring Google searches has turned into a warning about how work place surveillance could harm you. It turns out that Michele Catalano's husband's boss tipped off the police after finding 'suspicious' searches (including 'pressure cooker bombs') in his old work computer's search history. Luckily for the Catalanos, who even allowed a search of their house when they probably didn't have to, it seems the policemen and FBI agents were professional and friendly. Far from being imperiled by a SWAT raid, Catalano spoke to some men in black cars who were polite and even mentioned to Catalano that 99 times out of 100, these tip-offs come to nothing. Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA."
Not sure if you realise... but when you're on a work computer, all your internet requests usually go through some form of proxy server - which is how your IT department finds out what you access regularly and blocks it. Clearing your browser history is useless since every request is logged in a centralised server before it goes out to the net.
... wait, what?
Yeah. It's called INFO-OPS. Read Richard Tomlinson's book (google it) on how the spooks try to control public conscience.
If your work browser is configured to accept certificates from the proxy server, SSL might not give you privacy.
A good proxy server is going to allow your system administrators to decrypt your SSL connection. The proxy feature works for SSL but not before exposing all of the information in your connection to the administrators. So using an external proxy and SSL is not going to provide any security. You are going to have to be a little more savvy than that which will also be obvious to your system admins that you are subverting their tracking/logging system.
I object to power without constructive purpose. --Spock
The important detail missing is that the couple wasn't searching for bombs. It appears the police added the word "bombs" to cover up their amateur-hour faux pas so that an investigation sounds reasonable.
That doesn't appear to be correct according to the fine article:
The former employee’s computer searches took place on this employee’s workplace computer. On that computer, the employee searched the terms ‘pressure cooker bombs’ and ‘backpacks.’
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
A good proxy server is going to allow your system administrators to decrypt your SSL connection.
Yes and no. Yes, a proxy can do MITM attacks, but no, barring a key compromise, it can't do so undetectably. A computer-savvy employee who is concerned about a MITM attack can do some testing beforehand and on an ongoing basis to assess his risk.
Some things an employee who doesn't 0wn his own box probably cannot check for is a keyboard logger. Employees probably cannot check for other things like hidden cameras and other off-the-computer surveillance.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
When you're using your company's computer and your company's network, there is exactly ZERO expectation of privacy. No doubt, you've signed an "acceptable use policy". . . . Read it next time. . . .
He's not lying (or even fibbing, not even a little). The last 3 jobs I've had as a tech required 10+ hour days Mon/Fri, and if I wanted to do anything on the weekend that would take more than a few hours I had to notify my boss (in case they tried to reach me and I was unavailable). I'm no manager or lead or anything like that...I'm just the guy that they want to make sure is available in case a computer breaks.
Once upon a time those jobs were restricted to the heads of the company and they were awarded accordingly. Now those jobs are everywhere unless you're literally the bottom rung on the ladder.
The working climate in the US is dismal.