Slashdot Mirror
Most IT Pros Have Seen Embarrassing Information About Their Colleagues
An anonymous reader writes: Often working in isolation, IT teams are still considered to be supporting players in many workplaces, yet the responsibility being placed on them is huge. In the event of a cyber attack, network outage or other major issue, they will typically drop everything to fix the problem at hand. Almost all the respondents (95%) to a new AlienVault survey said that they have fixed a user or executive's personal computer issue during their work hours. In addition, over three-quarters (77%) said that they had seen and kept secret potentially embarrassing information relating to their colleagues' or executives' use of company-owned IT resources.
News at 11?
(Most just got to management by being born with the right connections or playing sleezy, not by being smart. So it's always hilarious for me when I, the lowly tech guy, finds out my boss is having an affair or has a strange fetish, both true stories. Didn't tell them, of course, but I never looked at them the same way afterwards.)
I've seen it, even if it only flicked up on screen in a fleeting glimpse while I was typing another URL.
I'm not sure if this was before "Privacy Mode" became common or not.
I fix this problem by only using NNTP for my porn needs... support staff don't usually download tools using your newsreader....
Has seen them naked. How is this news for nerds or anyone else for that matter?
Or are you just trying to say 'you know, we could have let it slip that you're into...'
Everyone already knows cops have the best dope & it has the best porn.
"Reality is that which, when you stop believing in it, doesn't go away." - Philip K. Dick
Which is cool, because my last steady IT gig was at gay.com and I'm not. Gay, that is. I'm cool as a cucumber.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Go away.
Things were getting better with whipslash.
I had to clean off virusses from computers for many small companies (small as in one to three employees). The kind of virus that blocks everything and asks you to pay to be able to use the computer again. After cleaning, to make sure everything works properly I usually open up the standard browser and many of them notice that they didn't shut down properly and eagerly propose to reopen all the previous tabs. That's where I get to know people's porn preferences... Firefox: "I'm soooooo sorry for the crash, here's your latex porn again!"
Please people, use private mode. For the sake of your support staff.
Who are these people who would keep something like that?
Because I sure as hell don't wanna work with 'em.
Seen it? Oh, gods yes. I'd need more hands to count how much, over 24 years, of my friends and coworkers' dirty laundry I've seen. Hell, at one point, I had to tell a NOC manager "there are naked pictures of my whole team somewhere on the Internet, so she's a cam girl, chill" (this was 1998).
The person that conversation was about ended up being probably the best hire the company ever had.
You're a goddamn sysadmin. Go in, fix, leave. You don't read their email. You don't copy off dick pics or whatever. You go to the bar and drink the memory out of your head, like a professional.
And yet they keep lowering our wages, treating us with increased paranoia, demand that we keep logs of everything forever (for law enforcement reasons) and nothing (privacy), support the latest iWidget on the corporate Lan...
As such, if I come across anything illegal, I report it. If it's unsuitable for a work environment or a risk, I have a quiet word, Anything else, I ignore it, none of my business.
I want a list of atrocities done in your name - Recoil
My boss's laptop broke and he asked me to fix it. I was able to fix it but in the process I discovered his sexual fetish. Scat. Including his own homemade videos. I could not contain myself for the next few weeks or so. I have to admit he's a great boss and I try to not judge him or anything.
At an old job back in the 1990s when we had the first company-wide email system with Internet connectivity we used an old version of Groupwise. The SMTP gateway was a standalone DOS system and it used to choke from time to time, requiring extracting the queued message it couldn't process. I used to pull these out and if possible, decode the message and attachments for the intended user.
One of these messages was to a "rising star" in the company and featured some personal chatter between the employee and some outside personal contact, complete with pictures of both of them wearing fancy suits in staged poses, but with their genitals hanging out.
The "rising star" employee was well-liked for being humble, hard-working and smart. He was also socially conservative, with pictures of his young, stay-at-home wife and fairly open about his involvement at church.
I thought the whole situation was just kind of icky -- guy trading gay fetish sex photos, while positioning himself as a conservative, religious family man. It wasn't the photos, but just the hypocrisy. I had a hard time working with the guy (which I didn't very much anyway) after because it was all just kind of creepy.
There are two things you cannot have in your work history:
Criminal Activity.
2. Whistle blower.
When that Enron accounting exec saw the shenanigans, she sent an email to her superiors stating the "irregularities" and when she was ignored, she left and found another job. That's the right way. Yes, AFTER she was gainfully employed she was subpoenaed to appear before Congress because her emails were discovered.
Getting on your high hoarse and reporting will get you fired. Sue for wrongful termination? Good luck with that. Even if you win, you won't get enough to live on for the rest of your life because as a whistle blower, you are unemployable.
Whistle blowers lose every time.
tl;dr
That's why they don't trust us.
It's become a harsh world for the thee monkeys. I'm referring to the monkeys Mizaru "see no evil", Kikazaru "speak no evil" and Iwazaru "speak no evil". In the days of written letters there were seldom times when one was professionally compelled to witness the private thoughts of others. Now we have mailboxes and photos and browsing histories scattered on disks. Every popular program that manages information wants to slap it all up in your face as soon as possible.
The 3monkeys problem doesn't relate to knowing or discovering passwords, unlocking access. You're perfectly free to flaunt your prowess as a fixer or safe-cracking locksmith. Good 3M compels you remain unaware of the contents of the safe after you have opened it.. After a successful IT job are you in a position to honestly say not a single photo (or thumbnail) was displayed, not a snippet of private text was displayed, even for a moment? If not,then (perhaps) there are ways to refine the technique.
As a PC tech I started to imagine it as sort of a game, where you lose points if you see anything private. When forced to run programs to see if they were functional, I'd de-focus my eyes and could see that something was there, good enough. When cleaning viruses or upgrading I preferred to invite the customer in to run all the necessary programs to ensure their data was there.
In the Internet age it went massive. Someone is always root on machines that store hundreds of thousands of mailboxes. I started a Freenet and have run two ISPs and I have never peeked into anyone else's email unless directed to with immediate consent. Even then rarely, and not without a bit of nausea. Why? Because It is just too damned easy... in the same sense that pulling a trigger is easy. So early on I have programmed myself that way. If you pick up a gun you won't hold it by the trigger. As an administrator, I won't pick up your account by its email.
In the early days of mailboxes, Sendmail and queues when solving problems meant shuffling mail around sometimes rewriting portions of headers, it was a simple as using grep and using well-tested scripts to avoid seeing content. Many things were block and line-oriented ASCII. Not so easy today, when everyone loves to embed their favorite database solution.
Imagine that you have been called in to de-virus and recover data on a PC. You have been offered handsome pay for your work, but as you work you realize there are two men standing behind you with telltale bulges in their suits. They are watching you and the screen in front of you very intently. You sense that there's something on that PC that could put you in a bad way, should they catch a glimpse of it. Could you complete the job without... incident?
Developers of software that manages people's secrets should always consider the plight of the 3monkeys IT worker. This could mean a command-line utility, as prevalent as a standard uninstall procedure (ahem!), that is guaranteed to sift through and verify all functional areas of the program and its data store, and in the end give only total statistics of content --- enough to see that you have not reverted to an empty database. It would be good to provide this utility.
Some day, someone's life may be at stake.
<blink>down the rabbit hole</blink>
... the priests of the computer age. "You wish for me to repair your life (computer), then you must confess your sins, so i may know how many nasty porn viruses you downloaded."
In my case, I knew 97,5% of a class build up with abused-when-children bullies, software piracy supporters and one-time-friend homework leeches, people who have no idea what they were doing. Seriously, anyone from that time can come and try to talk with me, and I'll remain far beyond their knowledge about computers. Metting them after graduation is something I hope never to happen until the last day of my life.
A truly professional "IT Pro" will learn to forget the things he has seen about his/her colleagues.
We've all had to do things like: check mail spools, check user directories, enable debug-level logging on various systems, etc. and seen embarrassing or personal things. The question is: are you a professional who learns to forget it and stick to the relevant data or are you a shithead who spreads rumours and makes us all look like privacy-invading assholes?
Trolling is a art,
...colleagues embarrass IT pros. Oh, wait...
While I agree that we should be Professional IT workers, but I believe there's even a more practical reason we say nothing about the 'interesting' things we see on Executives personal computers, or even the company owner's business computer: We've got more pressing matters. Or in layman terms: We ain't got time for that.
There's always something more core to the business that should be done to spin our wheels with whatever personal or private information someone has on their computer. The exceptions might center around the IT Security guy, safeguarding trade secrets.
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
Is this supposed to be surprising? Hell, I don't even work IT and I've had to deal with this before at work. People who don't know computers do stupid things with them. Or they do things they don't realize will still be on the computer next week when they're back at the office on the corporate network. Shocking!
As for "potentially embarrassing" that means so little as to be useless. Nothing embarrasses me but I have coworkers that would be embarrassed if you heard them sneeze. There's such a spectrum to that it's completely irrelevant.
"Growing old is inevitable; growing up is optional."
The "I read your email" shirts aren't a joke
Why is it surprising or newsworthy that professionals exhibit such characteristics. Maintaining someone's confidence and privacy is common decency!
Rather than trying to portray IT Pros as sort of superhero, with the superfluous non-sense about dropping everything and rushing to the rescue when there is a failure and exerting "superhuman" restraint for not disclosing private or confidential information, why not realize it for what it is. Professionalism.
IT professionals should always exhibit such professionalism and those that don't should be dismissed. If you see private information, realize that it is someone else's information and it is private, ergo you STFU and get on with your job!
Dogbert's Tech Support.
"National Security is the chief cause of national insecurity." - Celine's First Law
Saw nude selfies, sadly of a male coworker.
CEO in a threesome.
Was remotely controlling a users PC and had to type a URL but made a typo and it pulled up his recent history and went to the last fetish porn site he visited. He immediately commented that next time he would clear his history before contacting tech support but I said don't worry (since I recognized the odd fetish site myself so who am I to judge?)
Read some stuff, discovered the secret romances and affairs going on... none involving me :(
Thankfully nothing illegal!
I've been a Unix or Linux system admin most of my career and I've found out several embarrassing things about co-workers.
1) The first was that two co-workers were using a system I managed with 50 or fewer users to send erotic email to each other. Both were married and not to each other. I'm not sure that there was any real activity going on. They may have simply used email to sort of flirt with each other. But if management had known what they were saying, both might have been fired.
2) The job after that involved my small system admin group (3 people) in the 1990s getting a bounced email message that our manager sent. Back in those days, home internet services were so crappy (AOL and the like) that many IT professionals deliberately used work email for personal things. Turns out that our manager, who was married at the time, was into BDSM and he was looking for partners while on company business in Europe. Our group kept his email to ourselves and we found a way to fix his email problem so that we didn't get any more bounced messages without ever telling him what we saw. He was a good manager, so we didn't want to embarrass him. He did end up getting divorced not very long after that. We weren't surprised.
3) Some years ago due to an email addressing mistake a confidential email between an HR person and someone else in the company ended up going to my group's email and we saw the exact salary of a developer in another department. This developer was, I think (not totally sure about it), in the US on an H1-B visa instead of a green card and was very badly underpaid compared to others doing the same job. This developer was a very well liked co-worker and I felt kind of bad to find out how little we actually paid them. I've believed for years that the worst thing you can ever find out is what kind of money your colleagues actually make. I've seen really gross discrepancies at every job I've ever had with idiots being paid too much and good workers being paid too little. Finding out exactly how bad this is in reality is just terrible.
At one of my former employers, I had access to some online financial accounts (paypal etc) with hundreds of thousands of dollars doing regular turnover. I really didn't have much need for the access except on a few isolated incidents of cross-referencing payments in logs with the provider.
When the password came up for expiry, I actually asked my boss if I could *not* have the new password. My main rationale was that
a) I didn't need it
and
b) If something ever went wrong (e.g. somebody hacked the account, or another person who had the password stole funds, etc) I didn't want to be one of the people under the spotlight due to having access
Beyond that, I've seen private emails of superiors, records of co-workers, clients, or friends etc. Generally my rule is
a) If accessing an active machine, ask that the user close anything sensitive beforehand
b) If accessing email, ensure the user realizes and ask if there's anything I should avoid seeing
c) Ditto for files. If I'm moving or copying stuff around, I generally ask if there's places I should stay out of
A lot of clients don't understand (c) until I explain that it's not uncommon for me to see some very *interesting* filenames fly by when coping browsing history or users documents on private PC's. As I tended to do a backup-wipe-reinstall-restore on client drives for badly hosed machines, I tried to ensure customers knew I was copying their data for later recovery.
The only time I had a major moral quandry was when I was backing up a client's PC and filenames for some URL's etc of various dubious material floated by. The files were in their younger son's profile, but were of a type that could land them in legal trouble. I passed that on the the parent (owner of the PC).
And less than 5 minutes into troubleshooting, I find it's loaded with porn. Stop looking at that crap and get a life. A week goes by and it's the same thing.
I thought I was the only one witnessing this kind of stuff........
Keeping mouth shut and saying yes = 15 year job with raises.
is that the average IT worker lives such a tame life that he has only seen perversions and horrors on a co-worker's machine, share, or email account, while other departments' employees have to keep secrets to which they have been a direct witness or accomplice.
especially the last paragraph:
“In our experience, the number one factor that influences employee commitment is the manager-employee relationship."
if that doesnt exist, you wont keep people.
and as for secrets, IT gets involved more and more that just the files on servers and desktops. The security system and badging are on what, a server. who backs it up. who helps then configure some aspect of it. who can help dig out useful information from the logs.
and of course there is the video surveillance system, who has to help them get the video off to a dvd that can be used in a court room...
Stating the obvious is news? Seriously, it's been the case from the very early days that sysadmins have access to confidential information. Used to be we had access to everything. Due to siloing, not so much anymore, but still way more than most people think. (a) People keep sensitive information of various levels of sensitivity on computers. (b) Other people are hired to manage, maintain and repair these computers (a) + (b) = ...you figure it out.
It has been long the case that sysadmins have had access to information that we needed to keep to ourselves. Perhaps three times in my career, I've had managers outside my department request that I break into user's accounts to retrieve information. How you handle such requests tells a lot about your personal integrity.
Of course there are valid reasons to dig into people's stuff -- properly vetted legal investigations, terminated employees and so forth. But when a manager asked me to dig into people's history to see if they were visiting job sites, I politely declined and referred him to my manager. And the guy who wanted to know if his girlfriend was dating someone else. C'mon, you knew what you were getting into when you started an office romance.
Practice erring on the side of privacy, and you build trust in the organization. How could an exec trust you to be in charge of his stuff if you have a history of digging into his employees' stuff?
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
There is a difference between:
* my coworker had sensitive personal info using its job laptop or pc,
and some coworker saw it, or read it.
versus
* I got some sensitive personal info from a coworker,
and Im telling everyone, he or she likes to go to those stupid childish anime cosplay,
and Im telling everyone in the office, becaue Im a j*erk
This is one of the cases where recruiters, wheter Human Resources or technical,
may be in the "gray area".
I have personal problems in jobs, because coworkers get personal info,
that I DID NOT provide, and does not interfere with my job,
(example: political views, religious or not religious point-of -view,
even my favorite sport team),
but, they not act "professionally".
I have seen many funny things, and that even without trying hard, most of the things accidentally:
- the manager that went all day long looking at tranny porn instead of working;
- the secretary that had viruses with horse bestiality all over her folders;
- the HR department that left a text file with ALL the salaries in a public folder;
- the department that used the bank transaction system as a games console;
- the consultant that used to spend the billable hours playing galaxians;
- the ISP were 90% of the users had the same password;
- people using sex meeting sites at work;
- people running file sharing servers at work *extensivelly*;
- users sending their VISA cards over the email system;
- workers running joke emailing lists enterprise wide and then complaining about "email not working";
and so much more. I actually preferred I had not stumbled over those things.
I knew multiple HR reps and in my experience they've always been the worst for smut and non-work related stuff on company PCs. One poor VP brought in his personal iPad to get on the company network and up popped some really fun stuff. His response was classic though, sheepishly he said 'I'm on the road a lot and sometimes I get lonely." I think he thought I was going to have more of a reaction than I did. I just shrugged and got it set up. The thing that gets me is people who do and then leave their tax documents on their company owned equipment. Your work equipment is not the place for your tax documents and it's definitely not the place for 120GB of your vacation videos.
...I stumbled across some messages being exchanged between my manager and the president of the company. This was pre-email, some dumb Novell messaging tool from the late 80s.
He (the president) was swooning over her and telling her how he was a "one-woman kind of man" (which is funny given he was married) while she was reflecting on the wonderful night they had "walking hand in hand through the snow".
Eventually his wife found out, my manager was fired, he was divorced and had to sell the company to pay her off.
I never said anything. But my manager was so horrible I just smile thinking about karma...
Darryl L. Pierce "What do you care what people think, Mr. Feynman?"
I used to work at a tech company that was acquired by a large insurance company. The acquiring company had a project with us called "Mobile Claims". A co-worker on that project got an email one day that contained a picture of a penis with little eyes glued on it, and a cowboy hat. This was the late 90's. What we now consider the obvious thing to do in a case like that (delete it, and hope no one saw it over your shoulder) was not obvious to him. Instead, he thought the picture was hilarious, and decided to forward it to his mom and dad. He hit Ctrl+F, typed "Mo" in the Address book to filter the recipient list to "Mom and Dad", hit Enter, then hit Send. Trouble was, his contact list now contained other "Mo" entries, such as "Mobile Claims Team", which included people at all levels of the acquiring company. Minutes later, he started seeing emails in his inbox along the lines of "Hi, I'm out on vacation, but will respond when I return, Sincerely, Some VP at the acquiring company". Long story short, the penis picture ended up going out to all people on the project. He got into huge trouble, but wasn't fired.
I always laugh when people try to say that homosexual behaviour is not natural. Have you not heard of bonobos? Oystercatchers? Dogs? Don't even get me started on snails or earthworms.
We read your e-mail. We know what websites you visit. We know who you're fucking behind your spouse's back. We know your salary / compensation package. We know your weird fetishes, hobbies, etc. We know about your health problems / STD's. We know about the bad stuff you did that may get you fired, indicted, or sued for everything you own.
Just leave that shit off your company laptop / e-mail / home directories.
Oh - and if we walk, we talk. Can't say I never handed a full network backup tape to an FBI agent shortly after I got fired once. Too bad the company went out of business not too long afterwards. Ooops... sorry about that.
So yeah... Don't fuck with your IT people.
My supervisor did 10 years in prison for raping an 11 year old. Hmm... How bout them apples.
Also one of the service techs did hard time for cooking meth.
And lastly, the guy in the paint shop is 24 and balding. Gross like the bad guy from Road Warrior. His hat fell off yesterday.