Slashdot Mirror
Stealth Software Used To Spy On Employees
Baraka writes "As if reading the e-mails of their employees wasn't enough, some corporations have gone as far as to install hidden software on their client boxes. The software secretly monitors all keyboard and app activity. At the end of the day, the gathered information is e-mailed to the "offending" employee's boss. Read it and weep, folks. Looks like Big Brother is alive and well in the officeplace. "
I guess those daily porn breaks will have to stop .. oh well
If your employer's doing this, it should be a case of invasion of privacy. However, it isn't since your employer owns the machine and network, and all rights to monitoring thereof. That's why you need to install Linux on it, and just fire up fvwm95 as a WM and your stupid Dilbert-boss will never know the difference...
Mike
Since office work began, employers have monitored employee performance. Scrooge expected his minions to keep up the pace, or be kicked out the door. Time-motion studies decades ago were used to identify what levels of output the most efficient workers would be able to produce.
This is just a finer resolution of detail. Instead of measuring completed documents, they're measuring sub-units of the document.
It's annoying, but it's no different than previous measures of performance.
--
Don't like it? Respond with words, not karma.
With all this spying on office employees. I feel a lot of people will become paranoid. I'm predicting a few frivilious lawsuits as well. After all, who does like to be spyed on?
If I get a job at a place that has "spying" software, I'll feel like I am being violated in some way. Not that I'd pull a lawsuit at my employers, but I'd bring my opinion to their attention.
-PovRayMan
----------
Check out my blackbox styles
as long as they keep these things out of the (public high) schools for 2 more years... I wont have to be worrying about it =)...
however, what exactly is so bad that the employer would think they HAD to take measures like this? I mean surely it would have to be something worse than the occasional porn break wouldn't it?
another thought... what are the possibilities of this being installed on someone's system and used to steal source code or other valuable information for a competitor? this just has all sorts of bad uses...
fsck -t goldfish
Actually, in retrospect, this might be a ploy by the company to generate interest in its product. The more controversy surrounding this product, the more people who are informed about it -- kinda like Apple complaining about export policies in order to brag about how fast the G4 is.
Personally, I think monitoring is not a good idea. If an employee can double his/her productivity by taking short breaks to chat with friends online, then by all means that employee should do so. It should be painfully simple to discover when someone is making trouble online. At that point, convensional methods should suffice unless special surveilance is required. In general though, spying on employees betrays trust.
I'm not advocating that this practice is a good thing (personally I think it's very bad and will lower moral). But we should really expect that this is going on everywhere we go. You see it in malls, stores, city streets and in corporate offices (don't be suprised if they're watching you in the bathrooms!) with not so hidden cameras (were are the hidden ones, hmm). This technology has been around for at least 8 years. Now with automated updates (via you corporate net logons) they can add/delete and monitor everything done with your PC.
Neil Cherry - Linux Smart Homes For Dummies
WinWhatWhere will never get a penny from me... and I will always refuse to buy something like this for my employer.
It seems American companies are willing to just about anything to spy and generally make life suck for there employees, but at the same time I keep hearing about how companies are scrambling to find people for there technical jobs.
If having to worry about finding another job is not a problem, why would anybody stay at a company when it starts spying on you, forbidding you to send private email etc etc? Is this just a matter of greed, because I know that as far as I am concerned some level of freedom at a job is worth a number of K $s.
Maybe I'm just not disillusioned enough yet...
-
If anyone really knows how a PC works, then that stuff is garbage.. You can find out what processes are running.. simple ast ctrl-alt-delete for task man.. If you really are a PC user then you can easily bypass any of that type of software.. ON the other hand, you are at work.. supposed to be working.. if you need big brother watching you then step aside and let someoen who wants to work work.
Isn't it illegal in some states, to video tape
employees without them knowing? This software
seems akin to video taping. I know if found out
that the company I worked for did this I would
quit.
Integrity is worth more to me than a paycheck.
YMMV.
I'm not really sure about you guys but I don't have time to browse for porn when I am at work. Every now and then I will check my stocks, but my employer does not frown upon that. I don't like having "big brother" on my computer, but if you are browsing some sites you shouldn't, you are violating the rules. This is like you guys griping about having cameras in the office so you can't sleep or stroke to porno mags...
Please don't flame me for being productive and wanting those unproductive slobs using up the network connection browsing for porn when they could be getting fired.
This product was done by the same people who now publishes Cyber Patrol. I believe that some of the code from the sentry product is in the Cyber Patrol product.
Injured software engineer wins against Mattel!
This is why I use my own box at work. Well, ok, it's not really why, but it's one nice side-effect. Generally companies large enough to do this sort of thing have standardized on NT, and have nothing but point-and-drool admins who have no idea what to do with a Linux box. My workstation: I built it, I own it, I administer it, and it runs Linux. I trust my new employers though, so I don't think it'll be an issue. :-) They ran SMS at my last job-- funny story: When I first got there, they installed NT on my machine (of course it was going to get wiped and Linux-ed as soon as they left the room). I had to sit there and watch for 1/2 hour while they installed the system, set it up, created a user for me, blah blah blah. Finally at the end they set up SMS, and told me "I'm sure you know how to disable this, but please don't, because we need it to... yadda yadda yadda." I just nodded and smiled. Weirdly enough, although I was not allowed to disable SMS if I used NT, removing NT entirely was fine with everyone.
----
We all take pink lemonade for granted.
There is no K5 cabal.
I am not the real rusty.
I actually saw a beta version of this WinWhatWhere program on www.betanews.com. A while back, I downloaded it, and installed it on my machine. The beta/trial version doesn't run hidden, but it captures every keystroke. I had a buddy of mine (who thinks it would be impossible for anyone to get his password), login to his ISP from my house, so he could check his mail. A few days later I called him up, and told him his password. Privacy issues aside, WinWhatWhere as a company have come up with a realitivly simple program, that's going to make them some serious cash. Thing thing I'm most surprised about is that no other company had come up with something like this earlier. As for the privacy issues involved, I personally think that business has far too many rights, as far as employee monitoring is concerned. But on the other hand, sadly, employees are usually a companies greatest source of theft. So it's a hard issue to deal with.
Its how they track how telephone call queries are dealt with. In fact, they even penalise operators who don't deal with the queries quickly enough. That's why call centers are usually called the new slave factories. Paul Guinnessy starbird@ftech.co.uk
Snooper software may catch who is surfing what sites, but is this good for business? Companies should IGNORE minor transgressions by employees, especially for employees in creative occupations (i.e., software design). To maintain a clear head and to stay creative, periodic breaks are needed. This may mean a quick game of Quake or Tetris, reading Slashdot, or netnews. So what if company resources are used for this? So long as the job gets done, let people enjoy their diversions. Cracking down on "unauthorized use" will not help the bottom line the way you may think. It will create an atmosphere of ph33r and paranoia that will actually end up hurting productivity than if you simply let things be. Can you work productively when someone's standing behind you staring over your shoulder constantly? Monitoring software is no different. So I say that as long as employees are getting their work done and not offending other employees (i.e., surfing porn where others can see it) ant not sucking up the company's whole T1 while engaging in brief periodic non-work activities from their private terminals and workstations, I say let 'em be. Happy workers are productive workers. No one wants to work for Big Brother. If my employer did this, I'd leave. Others would too. Of course, no company will explicitly say "Yes, you can surf pr0n, or play games on company time". Companies don't have to do this either. All companies need to do is evaluate employees on the results of what they produce. The means by which they do it are really a non-issue.
Not that I've used it but Donald Dick was just released.
http://donalddick.da.ru/
The best way in Win 9x to see what's running would be msconfig in the run box. If some are really brave they can take a look at the Registry and find the Run under the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run and any of the other ones in that general area that have Run in them.
Now as far as it being illegal for the company to do this. That depends on how you look at it. The network and machines are the company's property therefore they can dictate what can and can't be done on said network or computer. That's why I just bring in my own laptop and plug into the network they don't mind that since it's my own stuff I can break it all I want. As long as work is getting accomplished though I don't feel a company should monitor it's employees that heavily.
This kinda reminds me of a telemarketing job I had for AT&T. They could always tap into your line and hear both sides of the conversation that you were trying to sell. You always knew that you had to not lie to customers on the phone and be nice and agreeable. But if you knew that Call Quality was on the line you would be sure to do stuff extra correctly. So if you know that boss is watching you probably wouldn't do anything you're not supposed to.
Good is never enough, when you dream of being great!
Score this down to -666, but it's true. Monitoring software is no different than having the boss standing directly behind you 8hrs/day staring over your shoulder. Workers living in constant ph33r of what the net-nanny will report about them will drive productivity DOWN and hurt the company's bottom line more than if you just ignored the occasional web surfing/game playing. Stop trying to be everyone's mother. Let people play a little. So what if company resources are used for this? BFD. Consider a business expense that gains you more than you lose. After all, happy workers are productive workers, right? Is having a bunch or paranoid, disgruntled, and less productive employees, always on the verge of quitting because they're pissed off all the time worth saving a little net traffic on the company T1? Think before you act.
Since I was running OS/2, I didn't have to load it, no OS/2 version.
If the MIS people could ever figure out Linux (fat chance), they might try to force you to load a monitoring programming.
Injured software engineer wins against Mattel
actually it is different than having your boss standing over you shoulder 8 hours a day... he can stand over everyones shoulder :).
really thought. for that 8 hours your shoulder is his shoulder... he's the one renting it and the (Fuck You... -666 head blah blah) head attached. if this monitoring reduces productivity he will take it away... its an evolution of sorts..
john
-- john
Pretty soon they'll have you punch the clock if you go to the restroom or to grab a drink. Wait a minute... some places already do this. I guess a lot of people will have to start packing Trinux or PicoBSD floppies and ssh somewhere else to do their surfing/usenet/irc.
It's about trust. If an employer doesn't trust me enough not monitor every little thing I do, why would I trust them not to abuse their power?
These types of managers are distrustful pointy-haired pinheads, looking for evidence to support their paranoia (paranoia brought on no doubt by the fear that their gross incompetance will be discovered).
By the time a company gets infiltrated by these types they're not worth working for anyhow.
Exactly when did employees monitoring their employee's activities become invasion of privacy? I could see the wrongdoing if the government was doing this to its citizens, but that's not the case. Companies own the product, they own the space, and as far as they're concerned you should be working on it. This isn't an issue of "Your Rights Online". Your rights in the workplace aren't the same as your rights in the workplace. Drug tests, mental screenings, and performance evaluations are all part of the game of corporate management.
There's paranoia and there's stupidity. The line is fine, but geez, you can still see it.
If you don't like the corporate policies, don't work for them. Either that, or get enough people to agree with you and form a union. In this country, workplace rights issues are usually hammered out by unions.
... as companies prcticizing this open
a really big security hole. A really-really
big creacekr paradise.
So, what were they using?
BO2K?
;)
Don't get the impression that this is a common practice in the US. It wouldn't get reported as news on /. if it were.
Besides, I'm sure they sell this software to all countries. Perhaps even to your employer...
Yes, it requires for me to run m$ windows/explorer 98 on my system but since I also like to check my personal mail on 5 other accounts, I installed debian on a 200mb partition. Now my sysadmin wants my root-pasword because now he can't read my personal stuff... Like hell he won't...
His argument is that he can't administer my system in case of mallfunction or when I'm not in the office.. He's just pissed... And he still hasn't got my root-passwd...
That will teach him to install Lotus Notes on my system...
I mean hey.. I've been running net bus and back orifice type programs on my bosses machine for over a year recording every key stroke.. employee reviews.. salaries.. i suppose it's only fair to let him have a go at it now. -Bastard
Nope. I ssh/telnet into my home box, download the porn with lynx and view it with hexedit.
Look a nipple: "A1 14 23 42 B1 07"
I do not understand people problems, YOUR COMPANY OWNS THE HARDWARE, THE NETWORK AND THE F'N machines for christ sakes, do you personal perversions at home on YOUR OWN machine, seems simple enough, otherwise get fired and find a new job...I know I inspect PC's remotely all the time, and IF I CANNOT GET TO YOUR PC remotely I show up at your desk and politely move you aside and inspect the machine locally. The companies are really worried about PORN and MY company was recently burned by ILLEGAL MP3's on the network... The answer is simple at work on your work machine you do WORK... Now personally i do not report most violators on the first infraction, i leave a nice big brother letter and check back in a week...I can say honestly that only 4 or 5 VERY STUPID PEOPLE have ever been terminated because of my reports, and they REALLY DESERVED it. I draw the line at child PORN if I SEE it your machine is locked up tight and you get a free trip to HR to see MR VP :)
Um, why are you replying to me on this? I am not advocating but simply presenting a situation where linxu (or any os) is not the answer
-
ping -f 255.255.255.255 # if only
All this talk about employees goofing off at work got me to thinking.. Most of my friends who work for software companies spend a lot of their time in chat rooms, on MUDs, or something of the sort (they'd suddenly be having very loooong days at work if their companies were this draconian), and so I began to wonder..
What does Linus Torvalds do at work? I mean, I can see his employer coming up and asking him what he's doing and Linus saying, "Oh, I'm just in a chat room. I'll get back to work in about an hour or so." Then his boss, "How long have you been chatting so far?" Linus again, "All day, really." Finally, his boss: "Oh, ok. Talk to you later then, Linus." I mean, what would his boss do.. fire him?
Not that I think Linus would do that, really, but it's kind of amusing to think of the relationship between someone as respected for his achievements as Linus Torvalds and his employer if he did. :)
~ Kish
A company hires you to work for them. They have bought (or rather, rented) a product (your labor and skills) which they expect to pay the company back more than they spend on you. As such, they have a certain right (not to say obligation) to ensure that they're getting their money's worth. As I see it, this is perfectly OK, at least within certain bounds.
First, they should make their monitoring policies clear. Monitoring performance is one thing, but secret monitoring is something else. Employees should know what they may be subject to, so that, if they don't like it, they have the option of finding another job without those restrictions. Second, they should monitor only the amount, not the content, of personal communications. As the ACLU rep in the article said, listening in on a phone call to a spouse is illegal, and a similar principle should apply to computers. However, the company should be able to keep an eye on whether the employee is e-mailing their spouse once a day, or every 5 minutes. Thirdly, any information gathered about an employee should be purged when they leave the company, unless said information is to be used in a legal action against the employee. Once the person is no longer employed by them, their right to know anything about her ends.
There is a separate issue, which several posters have pointed out. Regrdless of whether such monitoring is immoral (and I don't think it is, within the above limits), it's just plain bad for business. Nobody wants to work in an environment where they are being monitored 9-5 every day, and the psychological effects of being in an environment like that could be enormous, not to mention the effects of being prevented from taking a break every so often. It is accepted wisdom (does anyone know of any statistics on this?) that people are more productive when they are in a work environment where they feel comfortable, and monitoring their e-mail and calling them in for a meeting with the manager every time they play solitaire is pretty much the opposite of that.
Moreover, using this system to routinely monitor employees is a waste of resources. Looking for embezzlers and such is worthwhile, but not routine, wide-scale moitoring. There are much better ways of measuring an employee than how she uses her computer. The monitoring system measures input- how much time is being spent on work. But an intelligent company will realize that they don't care about inputs. They care about outputs, which are usually easy to measure by more conventional means (how much work the employee is actually getting done). The genius programmer who takes minesweeper breaks every hour, but pours out code at a spectacular rate, is worth more to a company (at least, to a smart company) than a dull, uninspired one who produces less, but faithfully spends all his time in the office doing work (at least, as far as his computer can tell).
"Never let your sense of morals prevent you from doing what is right" -Salvor Hardin
Likely this wouldn't work for company monitoring (they'd call you up and tell you to cut it out) but as a defense against unwanted/illegal monitoring software, how feasable would this be?
----
We all take pink lemonade for granted.
There is no K5 cabal.
I am not the real rusty.
Where I work, damn right I sleep in the office! I'll typically spend 3+ hours a day reading Slashdot, reading my personal e-mail, reading newsgroups not related to my work, and browsing the web. I also frequently enjoy taking a nap on the couches in our lounge area after lunch. I don't read porn though, because we don't have cubicles and I'd be embarassed if someone saw me. But anyway, on a typical day I probably spend about 5 hours wasting time, and maybe 5 doing actual productive work. But you know what? My employer doesn't give a shit! I'm *extremely* productive in the time I do spend working, and they know it. They know that if the coding I'm doing is monotonous, I'm going to need a lot of breaks to keep me sane. And then there are times when I'm just not in the mood to work, so I goof off for a while until I get that creative spark back. This is encouraged. We throw nerf projectiles at each other, and have mock light-sabre duels. Sometimes we even go watch a movie or play laser-tag in the middle of the day. We have fun.
You sound like one of those old-fashioned, back-asswards PHB types that I would never want to work for. Get a clue, it's not 1950 anymore.
These guys really push my buttons....
Look, if the company owns the network, and the hardware, etc.... that's fine, they get to say what happens on them. Do work at work, yes I agree.
BUT! These are the same companies that DEMAND 60+ hour work weeks! If they're so anal as to demand complete control over everything their employees do, then they can pay for every stinking hour that the employee is there. Don't pay more than 40 hours? Then watch your employees walk out the door at 5 each and every single day. Got a deadline? TOO DAMN BAD. We all have to go home and live our lives -- since we sure aren't allowed to do anything personal at the office... right?
-- "No Vir, the Universe is an evil place, but at least it seems to have a sense of humor about the whole thing." -- Lo
This is very, very, very scary. What's next, keyboards that have monitoring circuity hardwired in? Monitors with hidden cameras? Mice with hidden mics?
Or mabe I'm just paranoid. But I doubt it.
-- Veni, vidi, dormivi
...So why are you complaining! You are at work,
doing a job, using the employeers hardware,
in the employeers building, doing what your
manager asked you to do. Why on *earth* should
you expect any privacy in that situation.
Look, if you have to make a private phone call
take a f***ing break, go to a pay phone, and
do it. Otherwise stick to work. If you want
to find out what's happening in the world, buy
a newspaper and read it at lunchtime! Don't
waste your employeers time, bandwidth, and
electricity by sucking down www.cnnfn.com every
10 minutes.
I'm so sick of people deciding that they OWN
the computers that employers purchase and put
on their desks. You wouldn't run your own
errands with the company delivery van, you would't
use the company paint shop to repaint your car,
why is the computer on your desk any different?
Look, remember that anyone who has physical
access to a machine can be running a sniffer,
and the root/admin can read all, and stick by
my rule of thumb: Never put anything on a
computer you wouldn't want printed out and stuck
on the bulletin board in the cafeteria.
Rant complete.
-- ac on this one
There's am old saying in law enforcement. "Where one man can go, another man can go". If the crooks get motorcycles, the cops get motorcycles. If the DEA gets high resolution radar, the drug dealers get the same. Everyone gets so uptight about cracking and monitoring of computer networks, but this is the same thing. If someone puts a monitor on my box, I put a blocker on the monitor, and so on ad infinitum. In the end its about trust. If you have to work with someone you can't trust, you need to protect yourself. If you can't trust anyone you work with, you should do some serious thinking about why that is.
And here I was believing the hype, and the evidence from the incessant recruiter calls,
that the job market is soft. Soft enough that
companies with stupid policies and PHB's lose
their employees because it's so easy to quit,
and take a new job monday.
I'm not just talking out of my ass here.
I work in one of the *good* places and this
is happening.
I guess there's still people out there who feel
tied to their jobs, as if quitting and going elseswhere would be more difficult than putting
up with invasiveness.
Guess I'd better get to work then.
Once a co-worker showed me how the old IBM mainframe at the place included a monitoring tool. It was quite scary - it let the manager see the entire screen of the user remotely, in real-time.
Keep in mind that this was on a pretty old OS (MVS, with block text screens) and that nobody there knew it existed. One feature - it allowed you to assign the userids of people who could monitor you, and we tried it out. Really creepy feeling, watching the other guy's screen as he typed stuff.
What spooked me was that it had been there for months, and nobody knew of it, or if they were being monitored. My mgr wasn't the type to do it, but who knows if there was some Stalin type surfing across hundreds of people's screens?
You are there to do work, not surf the net for fun. If it is such a big deal for you then bring a laptop and use it for personal stuff during coffee breaks.
---Got Coffee?---
I work in a typical networked environment where all PC's (running Win95) log into one or more Novell 4.x servers using NDS.
Obviously, by default, the Novell client tries to run a login script which is typically used to assign default drive mappings and the like. The login script can be enhanced to upgrade software, start default processes and anything else that can be done with a standard MS-DOS batch file.
If I disable the login script, is there anything else the sysadmin is capable of running on my PC?
FYI: Microsoft's NT client won't allow you to disable login script processing.
This is a boring sig
I don't see that sending a private email to someone in your family is something that should get you in trouble via the company access.
Yup. Using the company's hardware (and time) for these private conversations is no worse than using their phones to make a personal call. And should be treated the same way. If the company allows employees to occasionally use the phones for personal business, they should allow similar use of computer terminals. Abuse of the telephone or the network to the extent that it interferes with an employees work can be dealt with without surveilling (is that a word) the communication.
Porn sites and the like is not something you should be doing at work. Nor is chatting.
Well no, but I don't think spying on employees is justified even in these cases. If their use of porn or chat affects their work, or that of other employees, it gets noticed. No surveillance needed. If it doesn't get noticed, then can it really be said to interfere with work? And if it doesn't interfere with work, why should the company care that it's happening?
In short, I think it's okay for employers to have and enforce rules regulating employees' use of company communication equipment. I do not think it's okay to eavesdrop on those communications. The same rules should apply whether the communication is spoken over a telephone or typed into a terminal. The same rules should apply whether it consists of pornography, stock quotes, or a friendly call home to mom.
Go here.
BUT! These are the same companies that DEMAND 60+ hour work weeks! Uh, no? Most of the companies that do this either do it for non-technical jobs or for jobs where your time is being billed (think military contractor here). These are, by and large, 40-hour-a-week outfits. J. Random Internet Startup generally realizes that this sort of thing is suicidal.
Sell them to PHB's. Case closed.
The message on the other side of this sig is false.
Well it's more than annoying, it's de-humanizing. It's viewing the employee more and more as a tool (read non-human) than as a unique entity that can offer much more than the "worker as tool" viewpoint would suggest. In other words companies who practice such behavior shouldn't be surprised if their employees start behaving like "tools" with all the attendent "inflexability" that goes with that. Considering all the talk that companies do about being flexable (read fast-paced) and competitive such practices are ultimately self-defeating.
People's workplace should be a non-threatening environment. If workers feel like they are being constantly watched, it doesn't create a conducive environment for productivity.
I am a network administrator for a small-ish company. While I agree that breaks are needed to keep moral at a good level, and that breaks from stress increase productivity.
The question is this: how can I decide, as an Admin, the defining line between an employee wasting company time and taking a much deserved break? It's impossible to set a standard for all employees company-wide. Different people handle stress differently, different job expectations cause different amounts of stress. Yes, I can draw the line and say "You are not permitted to look at pornographic material which at work." But I don't feel it's within my rights to tell an employee that they aren't allowed to use, for example, ICQ while at work.
Employees must simply take it upon themselves to see that software like this isn't necessary. Don't abuse the freedom that an employer grants. I'm not saying you can't play a game of solitaire. I'm saying that you shouldn't play solitaire for 2 hours a day. Moderation. When an employer receives the perception that there is an abuse occuring, that's when software like this seems like a viable solution. Don't give them that opportunity. And if your employer decides to implement this software without provocation, then quit. If you aren't abusing the freedom you are granted, take your talent and abilities elsewhere. Chances are, that employer doesn't deserve you anyway.
I agree fully. Now...to all those who have been posting stuff like:
/. on a Sunday). So they are cubicle workers who SUPPORT an attitude of fear and constant monitoring, but they haven't been promoted to management yet. So are they PHBs waiting to happen? Or do they blindly like authority?
"It's the company's property. What's wrong if they monitor every keystroke and email? You should be working anyway!"
I have a question - what makes you support Big Brother? Ideologically, emotionally.
What I find very surprising is the mentality of these people. Obviously, they are not powerful managers who would actually be doing the monitoring (or they wouldn't be reading
I have great difficulty understanding this mind set. So please enlighten me...if you're one of those people.
Note - Don't reply saying it's legal, blah blah blah. So is FBI tracking of cell phone location, and I'm sure there are people who support it.
My question is not the actual merit of the view, but the psychology of people who SUPPORT pointy haired bosses while being cubicle drones themselves. Why?
Indeed it is happening and will continue to happen. However one shouldn't give in to defeationist thinking when approaching this problem. If we do then we will lose our right to complain and possible recourse when this trend accelerates (and it will accelerate). Sometimes the best time to solving a problem is when it's in its early stages and not when it's too late.
Therefore, as long as the software is being used in a *controlled* manner, and only for very limited periods of time, on people who are suspected of wrongdoing, I could agree with it's usage. I'd rather be proven innocent by being monitored, then automatically assumed guilty!
I believe the Slashdot audience should be familiar with Neal Stephenson's "Snow Crash". Does anyone remember that in the novel, the U.S. becomes a huge impotent bureacracy, where all the employee's keystrokes are analyzed, processed for efficiency, etc., etc., etc.? Welcome to the Brave New World, everyone! Btw, does anyone ever get the feeling that these sh*thead companies read sci-fi just to steal the really bad ideas and put them into practice? :-) Anyway, that's my two cents. Lurker of Anonymous Depths --Don't get sucked in by comments - only debug code.
Convenience store workers have a video camera on them at all times while they work. This isn't an invasion of privacy because they are on the job and the employer has a right to film his store. If the employees were being videotaped while they're at home, that would be an invasion of privacy. Same thing with your machine. Your employer has a right to track what you do while you're at work and while you're using their equipment. If you think that you should have more leisure time while at work, or if you think downloading pornography will increase your productivity, then talk with your boss about it. You shouldn't assume you have the right to surf the web while on the job anymore than you should assume you have the right to a six hour lunch break. Any time not spent working is a break, if your boss doesn't want you to have the break then live with it or find a new job. Few people have ever complained about convenience store employees being videotaped, why should computer surveillance be any different from video surveillance of employees?
This environment makes it difficult to know what is going on, as it would all run on the server.
Hmmmm . . . hack the server maybe, but there ain't much on the client to play with.
-- Reverend Vryl
I have had very little problem with issues like these working for small companies, those with about 100 employees or less. There are exceptions, but you can work around them, so to speak. Most small companies don't need such *BS* because they can quickly tell if someone isn't doing their job -- everyone is important and it gets noticed when someone slacks. People know each other fairly well and generally try not to offend each other. It's not a cold impersonal environment.
Corporations, especially the large ones, have indeed made pyschological screening, insurance redlining, credit checks, drug-testing, and lack of privacy the industry standards they are today. The scariest part is that they have great influence over lawmakers and unless we fight it, choice may vanish completely no matter who you work for.
The phone company owns the networks I communicate over, and it even used to own the handset in everyone's home. People *still* have an expectation of privacy in phone conversations, and have been legally upheld in this expectation. Its not the ownership per se, but the explicit signed agreement on terms of use that should dictate whether an employer can snoop or not. If I see such a clause in my contract I'll ask it to be struck, or keep looking, just as I do with drug testing clauses. Their power extends exactly as far as what we will put up with. Too much in my view.
Or rather invade Windows with DJGPP, GNU utilities, BSD utilities, X-Server, until the only thing running is the Windows kernel.
Write a WORM to passively and invisibly do that to all the machines.
If you're a sysadmin, even better. When they try to upgrade to the W2K bug it WILL fail because they'll be using the ugrade CD.
Have it running from a box they can't find. Then when you're done leave your job, or relocate.
Damn. Lucky Bastard.
The message on the other side of this sig is false.
Personally, I have no idea why someone would want to work anywhere where this is done.
Most readers of Slashdot are most likely techically proficient enough to have better job mobility than to have to deal with this type of garbage.
Though I disagree with monitoring all that somebody does (it decreases productivity, it assumes they did something wrong, etc...), I must say that it is the employers right to monitor what you do while using their equipment, on their time, in their building and you are getting paid.
If you don't like what they are doing, go work somewhere else, that is what America was founded on, Liberty. You can work anywhere you want, you don't have to work there.
That's my 1/50 of $1.00 US
JM
--Justin Mitchell
"2nd Place is a fancy word for losing" --Bender (Futurama)
I just don't see how the people that work for WhatWinWhere can live with themselves. This strikes me as very immoral. (And I tend to think of the industry being enlightened to things like privacy.)
"I always try to look on the bright sidem it's just that experience has taught me to expect the worst."
-- Garak
ST:DS9
I feel sorry for you if you can't figure out outlook/exchange well enough to set it up to check other email accounts. People like you whine about how 'dumbed down' Windows software is, but you can't even figure out how to set up email? :)
Let's face it folks, it's the company's equipment, network connection, and time. You never had any "right" to privacy. If you are misusing company equipment while on the clock, it's YOUR problem. Let's fight for privacy where it is merited, not complain that a company wants to exert some control over it's own equipment. *note* this message posted while at work :) Ironic, isn't it? Finkployd
Like any other human activity, there are lazy people, there are doers, and there are controllers; actually people are a combination of all three. Some doers do things by controlling others, but always with the end goal of getting things done. These people don't scare me, altho sometimes they annoy me :-) Soem doers have no interest in controlling.
And then there's the controllers. They have no goals other than controlling. Nothing they want done, other than being in charge. And since they know they are non-productive, they have to make their bosses, who somewhere up the line are doers, think they are doers themselves, or at least have some use as paper pushing managers, because doers don't want to hassle with management any more than necessary.
So these controllers need to generate activity and reports. What better way than this kind of snooping software? Never mind that a good manager would judge by end results. That kind of judgement requires long term observation and reasoned judgement. Controllers are ultimately cowardly, paranoid, and have termendous inferioty complexes. They know they are ultimately uselsss, so they have to work like heck to hide that with ridiculous reports. They can afford no criticism from below and have to direct all criticism from above to those below. They must shift blame elsewhere, and hope to get away with it as long as possible, before the doers above them get wise and realize the cost benefit ratio of a particular paper pushing controller is less than unity.
--
Infuriate left and right
should not go unrewarded. Can you give us your boss's email address? We can throw in a word for you.
:)
Maybe he'll even pet you or throw you a donut.
Where I work, we log all outgoing web traffic (via network monitoring, not via client-side logging). However, we only look at the logs if it is reasonable to suspect a certain employee, and we only look at the logs relating to that specific employee.
That way, the employees don't feel like Big Brother(tm) is watching their every move, but we also have the capability to monitor specific employees when necessary.
I understand that one or two people have been fired for viewing pornography at work. I don't see the problem with that. First of all, you should be doing work at work. That's what you're being paid for. But, more importantly, female employees can feel very uncomfortable when their male co-workers are viewing pornography at the office, and rightfully so. Many people consider it to be a form of sexual harrassment. Frankly, I don't see how it's harrassment, but I do see how it's extremely inappropriate.
However, too many people forget that legality is not the same thing as morality. I dare say, that as a fellow Libertarian, you, more than others, should recognize that. It is because of the failure of most people to draw that distinction that we have the level of over-legislation that we see today.
So, while the employer is almost certainly within his/her legal rights (at least in the US; I don't know for sure about in other countries), to do so as a manner of course would be highly unethical.
As some others have said, however, if this is used only in the presence of preexisting suspicion, I don't see such an ethical problem. I suspect that the temptation to use it in other cases is too great, however, to be able to realistically limit it to only ethical use. Better to just avoid it all together, if you are an ethical employer.
--
Interested in XFMail? New XFMail home page
Huh? Where do you work at? Most of the engineers and scientist that I know of work 50+ hours/week. And this is at some of the largest names in Silicon Valley. The only people that I've seen doing 40 hours/week are the ones headed for another job soon. As for the startups, I'd say that 60+ is a minimum. :-P
Would you be so against this if you could monitor what your boss is doing? And why shouldn't you be, because your boss doesn't own the equipment anymore than you do. You are both employees of the same company, and you both have a stake in making sure it remains profitable.
Ultimately the shareholders own the equipment. So, why don't the shareholders monitor everybody, including the executives? Wouldn't an executive wasting time cost a lot more than a lowely employee? Is this is about making sure resources aren't wasted, or more about keeping people "in line"?
I could put this reply in many places, but this one seems good as any. Trying to control, moderate, regulate, or whatever through symptomatic behavior is inherently broken. It is better to base adjustments directly on the desired output or behavior, if available. In this case as in many the desired output IS available.
In other words, judge employees on actual end productivity. If they get the job done at the level expected or desired then all is well. If not, adjust. Reward better than expected output. Take other action on less than expected output.
This same argument applies to many U.S. policy problems today. We should focus on punishing the undesired crimes, not the perceived prerequisites. Punish theft, murder, etc. Not drug use, MP3 technology, or encryption.
As a relevant aside, I have heard of some proprietary monitoring software implemented in Lotus Notes at a regional bank that actually did record how much time employees spent perusing emails and company memos (I suppose to see whether they were actually paying attention or in need of a possible attitude adjustment, a la Snow Crash).
This would all be more frightening if the would-be big brothers were less naive and if I were less confident in the talents of the open source community.
Putting aside the ethical arguments about this for the moment, this reminds me of what one of my professors told me about his days as a programmer when he was in the military years and years ago....
Basically, they judged the programmers' productivity on how often the successfully compiled a program. There are several problems with this. First, just because a program compiles doesn't mean it is a good program, and second, they could just compile the same program over and over again looked the same is compiling new programs. It got to the point where no programming was being done because everyone was compiling the same programs over and over again because if they didn't they would look bad in comparison to the others.... (and just think of the CPU cycles devoted to compiling useless programs.)
Monitoring software these days is more sophisticated, but there is still probably a way to fool it. What it all comes down to is, is the work that you are getting paid to do being done?
Consider that some companies will spend millions of dollars trying to find a way to get one more minute of productivity out of every work hour. They might be successful, but by trying to squeaze blood out of a turnip they've spent more money than they have gained from the increased productivity. And then because of the bad moral, the general productivity will probably go down. People don't work good under constant stress.
To re-iterate, think of it this way, what if your company hired an extra person for everyone to stand and watch over their shoulder all day. Anything they gain in productivity is lost in payroll because they have to hire two people, one to do the work, and another to watch over them. And then it is a double loss because no one works their best with someone watching over them.
Finally consider turnover. Employees would not want to stick around long in such an environment. At best the company would lose their best employees, and probably have a high turnover in general. Turnover is not good for productivity.
THe places I have worked the only time I ran into that was SMS remote ito the NT boxen. OF course they made all users admins of their own machines but I just took out the Workstation/Admin acct and anything else outside of my own. I simply do use the net at work for personal stuff and if that is incompatible tough I'll go elsewhere. The only issue I have run accross is when I added a 2nd HD and installed Linux (I still needed NT for Outlook) I was allowed to get an IP addy which got me out onto the net but I was not allowed to put the Linux box into the NT domain.
The people saying that, while on corporate property, on corporate time, using corporate equipment, one must play by the corporate rules are basically correct. But the people saying that this is (or has the potential to be) a major violation of personal privacy also have their points.
So what's the deal?
The deal is, I think this is a tool which can be appropriate in a few limited situations with appropriate forethought and control. But I don't trust the teeming masses of management to apply it that way, and I expect it will be used as a sledge hammer.
What are some appropriate uses? Look to the original article, expand on their examples, and qualify the usage. Like it or not, a lot of companies have some very important data and information-- sales databases, customer databases, source codes, proprietary technologies, even something as simple as employee salaries-- that they don't want tranferred out of the company.
It gets worse when you start thinking about government or defense-related companies, where concerns change from corporate security to the national security information of a nation.
Additionally, companies can get into serious troubles if their equipment is used maliciously or illegally, even if they had no idea what was happening, and did not sanction it. Consider a corporate machine being used to distribute or download illegally cracked game software. Now consider a firm in the United States working on a government contract, where an idiot employee does this. The company is now in serious trouble if this comes to light.
Some of these things are going to be easy to detect, others, very difficult. And it is hard to tell a corporate security dude that he has no right to police his own equipment.
However, I can't see any real reason to start subjecting all employees to this form of scrutiny. This, I think, should be reserved for the situations when there is already an indication that "something is up," and then used to clinch the case.
Issue of productivity are, of course, either red-herrings or plain old misconceptions. There are time honored ways to waste time at work that have nothing to do with computers-- reading a newspaper, lounging, excessive coffee-breaks or chats with co-workers, and just plain old malingering will always be with us. Any supervisor who would need to rely on this sort of ham-fisted, intrusive foolishness should himself be fired for incompetence. A good supervisor relies on non-automated metrics of productivity, not automated metrics of diversionary activities.
What this would resolve down to is a reason to fire someone. Dilbert manages to embarass the Pointy-Haired Boss too many times? Well, PHB downloads Dilbert's electronic records, discovers that he e-mails his mother once a week, and terminates him for mis-use of equipment. If it weren't, it would be someone else.
So, it's a trade-off: Is it really worth annoying your workers by making the assumption that they are all crooks, criminals, spies, and professional malingerers, just to catch the 1.5 percent that are?
I doubt it.
--OFFTOPIC--
Truthfully though every street is not a speed risk. It is usually only a few intersections or locations (where the posted speed changes abruptly, for example) where speed and accidents are a problem. Parking a car in plain sight _would_ help curb speeding if that was their intention. For example this tactic was used when I was in Germany. The police would place automated cameras at places where speed was a problem. They sent you your picture with your ticket in the mail. Very few people could argue with the camera and they were a great deterrent.
On the other hand my father is a police officer. Their police chief is not the most ethical or brightest one around. He demanded that they have more "Officer Initiated Cases" and that failure to do so could result in dismissal, or at least a poor performance rating. He didn't say "tickets" outright but that is what an Officer Initiated Case is. Oh and the money from tickets goes directly into the Sherrif Department's budget, they even had a surplus this last year!
Not a good situation, most of the deputies hope that he gets voted out this next election. Unfortunately the people smart enough to do the job are also the ones who are smart enough to not want it.
--/OFFTOPIC--
-- Remember: Wherever you go, there you are!
I thought it was intresting to see E&Y on the customer list. Being a former Sys Admin there, I can assure you they could easily install this on most of their 70,000 employees laptops with little effort. These are laptops that go everywhere with the consultants and contain a good portion of their buisness and personal life (That is if they have a personal life). The chances the TSS department will abuse this power is VERY high.
-Praxxis
Then I think about workplaced that don't and will most likely never have this, and again, I nod in believing the truth of it (again, news and word of mouth).
Maybe the difference between the workplaces where something like this will most likely be implemented, and were it won't, depends on the computer-savvy of the employees at the place. I think about places that are most likely never to implement this, and I think of game programming shops, web shops, unix shops, etc.. basically where unless you are the boss' son, you've got your job because of your computer savvy. At those places, from what I've been told, they are relaxed, might be on IRC, might be ICQing, may send out 50 emails a day.. yet still get out the product on time. Maybe because they know how to juggle their computer time wisely (I know that when I'm not busy with research stuff at home, I can chat in 2 or 3 irc windows and still get web or java programming done). Which suggests that any job that requires compilation might lead into this :-)
On the other hand, an office full of suit & tie bankers or accountants, that think the paper clip in Word is cool, might end up wasting hours on IRC or ICQ because they don't know computers and aren't efficient in doing something else while they wait for their friends to respond to mail (I've seen someone do this at my workplace. Type a message, sip coffee.. wait wait wait... message comes in...type a reply, and sip sip sip... an hour later, he gets back to work. Oy!)
AGain, a lot of whether your workplace is computer savvy or not.
However, I still stand by the point that if it's during the 8hr day that you're paid to be doing and on company property with company computer and a company-funded internet connection, the company has every right to watch what you are doing. They're stupid if they go Big Brother on the workplace, but they have that right to do that. And you have every right to find someplace that doesn't do that.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
I interned at $Very_Big_Multinational, and they were very into monitoring. According to the admin, they used it primarily to screen "undesirable" sites for the filters, which they also applied.
If a site was on the filtered list, the filtering software popped up an "unauthorized" page and a reason for its being unauthorized.
Sites such as Salon were banned for being "alternative news sources", while the Dallas Morning News was fine. Suck was not banned, but The San Jose Mercury News was.
I was told from time to time that I "should be careful" what sites I went to. I never felt the need to be careful, because all I ever went to were for news (/. and Wired), or I might take a break to play solitaire. But the engineers were scared shitless that anything they did could and would be misconstrued.
The place I work now doesn't do any of the fancy monitoring stuff, and my cow-orkers and I are happy, productive people who wouldn't abuse the network anyway. we like what we do. We like that we aren't violated.
I'm currently a [non-brittle - grin] Tech Writer, and I often have to back away from what I'm doing so I can consider how I'm doing it. A little free play helps. It clears the mind (Keptin, we have vacuum in the IS Department!).
Anyway, Monitoring? Don't care for it. I can work with it in place, but it bugs the hell out of me, even though I'm not doing anything wrong.
Mark Edwards
Proof of Sanity Forged Upon Request
What should one do when you have caught someone looking at porn on the company network, and you know who that person is?
I was installing a new Proxy server and was using a sniffer program to see when the network was free to quickly switch the connections (it's a small company), and several...umm...interesting web sites showed up in the sniffer..by process of elimination, I know who was going to those sites.
I don't want to embarass the person, but I would like to let the person know that the websites that he looks at can be traced from several different computers within the office.
I read an article months ago--I think it was ZDNet, but I can't find it--about employers spying on their employees by taking advantage of built-in microphones in the computers that most people don't know are there.
:)
Anyone know where that story is? It's not all that informative, but it'd legitimize my mentioning it. I vaguely remember a sexual harrassment suit attached to the story, but I could be making that up.
(Wherever I read the story, I remember that it warned people that "if your hard drive is making noises and you're not touching the machine, your boss is probably spying on you." I can't remember if I actually wrote an angry letter or not...)
Others have also probably mentioned spy-by-screenshot software, which regularly sends screenshots of employee computers to a central spy computer, which displays miniatures of all the monitors on the boss's screen. I don't have a citation for that one, either...
After all, it looks like this does exactly what Back Orifice does, so therefore should be labeled a virus. Unless there is some sort of double-standard here.
Eagles may soar, but weasels don't get sucked into jet engines.
I work security at night some times. The computers run windows95 and a program that moniters the use of their computer. From 11 pm to 6 am the computer will randomly sound a beep and then I have to enter a code or it will dial out a beeper number and enter the site code. This is so that I dont go to sleep. Well when I go there I just shutdown the computer and boot up my QNX floppy and go online all night . Of course their computer logs that it was shut but I just tell them that windows locked up when the screen saver came up and left it alone.
Here at my school, every single mac has monitoring software on it. It keeps track of every URL you visit, it logs keystrokes, and keeps track of the apps you run. I tell the teachers about this sometimes, and they tell me to remove this evil software. I removed it from about 20 of the computers in one building before the admin caught on and starting shutting down every computer I tried it on before I could finish. According to the higher-ups, this is all for our safety, but more often then not, the teachers tell me this is making it hard for kids to learn. It blocks them from sites they need to get to for reports. They get suspended for going to some sites that they need for research. And I nearly got expelled if the teachers wouldn't have covered up for me so well. I still show all the students and teachers neat little tricks to get around the filtering software, I still remove the monitoring software whenever possible, and I plan on keeping it up. The thing I hate most, is that this is NOT EVEN MENTIONED EVER in any of the school paper work that is handed out about the computers. Most people don't even know they are being spied on.
---------------------------
"I'm not gonna say anything inspirational, I'm just gonna fucking swear a lot"
---------------------------
As a person working in a telco field, I have root access to most of the production boxes in my network. We need to monitor access too our systems. I understand this.
BUT, if they put a key or screenshot logger on my laptop, Id format the puppy and run linux on it. (And VMware for my micros~1 crap.)..
Also if you want to see whats running on your system, use CCTask or Unixtools (port of PS)
When you're being paid to do a job, you are expected to do a job. It's a Golden Rule thing. If you were an employer, you'd want to be able to evaluate your employee's work.
Honest workers consider their employer a partner of sorts. They have made a deal to do work in return for pay, and they don't have the right to use company resources (including their paid time) for their personal gain or entertainment, unless the employer gives permission, any more than the company has the right to decide not to pay them. They resent any lazy and deceptive co-workers they may have, who take the same pay but don't give the same work, especially since the honest workers usually take up the slack and the dishonest ones claim credit for work they didn't do.
I've had co-workers I would have been glad to see fired. It is an embarassment to be in a department considered a joke by the rest of the company because only a few people do any work.
Don't forget that the "pointy haired bosses" are usually employees too, and potentially subject to the same monitoring. Many a Dilberted employee would love to see his boss get caught by one of the higher-ups, even more so than than he'd like to see a lazy co-worker he's been carrying get the same.
This is no different from a construction foreman watching his workers to make sure they are actually working. If they didn't do so, then one man might be screwing around or doing a half-assed job and all the boss would know is that his group isn't working as productively as possible. Just because information workers are given cubicles to reduce distractions doesn't mean that they have some right to privacy so their boss can't see them screw around on the job.
Put simply, employees don't have a right to privacy on the job, and they don't have any right to expect to be trusted purely by virtue of being employees. Employers have a right to know that their employeers are working and trust has to be earned.
The truth is, the honest employees have nothing to fear. They expect their bosses to check that they are working and don't care, or even appreciate the attention, the evidence that the boss does care about and value what they are doing. They also know that a competent boss won't interfere with a certain amount of networking and an occasional idle moment as they gather their thoughts. At any rate, nobody you want to work for is going to fire you for catching you being lazy once, they're just going to talk to you about it and straighten you out about what the boundaries are. It is the liars and cheats who see a system of constant fear growing from this.
What I wonder about is the psychology of people who think "cubicle drones" and "pointy haired bosses" are the norm, and employers and employees are natural enemies who try to screw each other as much as possible. What a vicious mindset! It seems to me that incompetent bosses and deceitful workers find each other, while people who do real work move on to where they are recognized an appreciated. Many people have moved through these miserable places because they are always hiring replacements, but only the ones who would choose a place where they can sneak around and get paid for doing little or no work actually stay there. We make our own Hell, and it can only be a Purgatory for those who don't deserve it.
Or High School Sysadmin is a dumbass. I seriously think that I know more then he does. (Or at least could make the network run better/more efficent at a cheaper cost. That also goes for the IS department at the school board. I have been to a begining WINNT class where their where 2 people from the school board IS team. My friend had a MCSE class with 1 person from the school board. Any my other friend who dropped outta high school went to work for the school board and said they are idot's. My goal for this year is to hack our pitiful webpage but I'm going to have to learn more about WinNT before I do that.I suppose I could just be a script kiddie and download somthing off rootshell, but that just wouldn't be as fun. Their also using the Netscape web server, I have no idea what its called, as well as the proxy, firewall combo.
What a great heights to aspire to eh?
Wouldnt it be easy to just swamp the software? with a simple loop while(1){ SendMessage(hSomeCheeseWindow, WM_KEYDOWN, VK_SPACE, VK_SPACE 16); SendMessage(hSomeCheeseWindow, WM_KEYUP, VK_SPACE, 1 32 | 1 31 | VK_SPACE 16); Sleep(10); } Not sure if they overroad the keyboard hook what that would do to it.
In the end, its just easier to flip the bird to idiot companies who do this. There are many good companies who have TRUST in their employees by default. Not though constant threat of monitoring what you are doing on your workstation. It's absolutely incredible that anyone would seriously consider working for Gestapo companies like this. But like I said, high tech jobs are a dime a dozen, so finding a new employer usually involves just a few phone calls. Your mileage may vary.
You have been assimilated.
What you see is the phenomenon called "the grass is always greener on the other side of the fence." Non-Americans migrate to US either chasing the American dream or just wanting to experince a new culture for a while. Americans migrate to other countries either chasing that country's dream or just wanting to experience new cultures. Some folks migrate from one country to another (neither being USA) for the same reasons.
This is all a Good Thing(tm). It makes people from different countries experience other cultures and, hopefully, pick up the good sides of the new culture and integrate it back in their own, or vice-versa. IMHO, this sort of thing should be even more encouraged, a sort-of international trade, not only on goods, but also professionals and their minds to bring a better understanding of other cultures to everybody.
There are valid reasons for monitering company assets, liability issues are the major reason. If you don't want to be tracked bring your own personal Red hat laptop and dial out over a cell phone.
Here in Miami, officers actually have a quota of tickets they have to give out each month. For this reason, most speeding tickets end up being given out toward the end of the month when quotas are "due".
Kinda scary when you think of it.
- =^o.o^=
Encryption is a technological protection, yes. But what if you are told that its use is against policy? Remember, you are dealing with assholes who are hell-bent on monitoring everything, who
can spin your use of encryption into a policy violation.
Encrypting your e-mail will prevent your boss (or sysadmin or whoever else) from reading it. But it won't prevent them from detecting that you are encrypting your e-mail.
E-mail encryption is sensible and it should be used for privacy regardless of the nature of your workplace; it is not, however, protection against workplace oppression. The protection against that is to either somehow change the workplace or just leave.
The following article should be forwarded anonymously to all the PHB's out there. The Hacker FAQ (for managers). Anyone who is, or works with hackers should immediately see its relevance.
While it is true that it can be side-stepped if it's in the registry, anyone smart enough and devious enough to want to install software like this would find a way to do it without allowing a user to disable it. Yes, they can do that. Here's how:
.reg files that imported whenever you logged onto their Netware or NT domains. There was no way for anyone to stop them, and they used this to keep the highly-techno-savvy support department in a tight grip of fear. We let them get away with this because there were no jobs better than flipping burgers for more than forty miles in any direction, period.
1) Policy Editor. If you're running Windows on a large network, and especially if you got an MCSE or MCP from a creditable school, you came in contact with the Policy Editor. It was a great tool for taking control away from clients. With it, you could lock just about any part of Windows, including REGEDIT. Want to get into Network in the Control Panel? "This function has been disabled by your network administrator." REGEDIT? "Registry editing has been disabled..." Get the picture?
2) Windows NT Logon scripts. Those run any time you log into an NT-controlled domain. You can stop them from running, but that is also likely to stop your login process and deny you access to vital network resources (The company's knowledge base for instance). If they start SMS, WhoWhatWhenWhere, or Bo2k from there, you can't stop it, and with at least some of those programs, they don't come up in the Process List.
As for how legal and ethical it is, there's no law preventing it currently so--sadly--it is legal. It is far from ethical though. Most companies don't use it to monitor their hardware. Most companies use piece of junk P133's that have more than lived a useful life. They don't need a program like this to see if you're sucking up 2/3 of a T1 line downloading pr0n. They do things like this to make sure you're not stealing their "valuable intelectual property" (read: dirty company secrets).
One company I worked at used the Policy Editor heavily. They had
At the last company I worked for, we didn't have Internet access, they had that blocked both ways by the firewall, yet they still insisted on installing MS SMS on each and every one of our systems. Virtually everyone in the company was very loyal to the company and would never steal anything. As a matter of fact, there was only one employee who was terminated for violating policy, and that was for abusing the phone system, not the computers.
Improvise, adapt, and overcome.
I'm sorry, but I fail to see what is wrong with a company monitoring its employees to make sure they're at least working and at worse not stealing.
What is wrong is the reaction when these sorts of things are first discovered. There seems to be a nieve belief that nobody ever does personal stuff on company time - so if you're the first one that gets detected doing something "wrong", all hell breaks loose, even if you've just played a game of solitare and the guy next to you is into child pornography
Companies typically react before all the data is in. A product such at the one in the article should be used across all staff over a period of time to determine a "normal" level. Then the company can have a quiet word with the "worst offenders".
I say this from a place were several staff are known to waste huge amounts of time with personal e-mail, personal phone calls and even personal web browsing. Heck, at the moment, I'm at work and I'd hardly call what I'm currently doing part of my job.
And to all the workers out there, don't do personal stuff on company time/equipment - or if you do, keep it to a minimum. If you abuse the system you wreck it for the rest of us.
CJ.
Just to consider...
-who paid for the PC?
-who is paying for the employee's time?
If there is a company policy that you can't use the companie's equipment for personal tasks (copiers, computers, etc), then can't they monitor that?
I'm not saying it's ideal... I'm saying the person who is shelling out the cash has a right to check on that investment...
BUT! These are the same companies that DEMAND 60+ hour work weeks! If they're so anal as to demand complete control over everything their employees do, then they can pay for every stinking hour that the employee is there. Don't pay more than 40 hours? Then watch your employees walk out the door at 5 each and every single day. Got a deadline? TOO DAMN BAD. We all have to go home and live our lives -- since we sure aren't allowed to do anything personal at the office... right?
60 hour work weeks aren't related. We have had problems with sexual harassement and viruses being passed by employees because they refuse to follow the rules of the network, and even to exercise some level of professional conduct.
Now we're forced to log ALL email content passing through the system and retain it to protect the company, and to do spot checks on attachements.
Do I have better things to do? Hell yes. Now I get to be labeled the IS Nazi because some people don't realize that they're creating a legal liability for us by emailing pictures of woman fucking beer bottles to their coworkers.
Don't blame us. Blame the employees who back us into the corner of doing what we loathe the most. I want to run my network and go home on time, not play police officer. I imagine most sysadmins in my position feel the same way.
Delete them at will, and the program dies.
It's great to use Back Oriface to drop KP into other peoples browser cache, then tell the boss you noticed them browsing something naughty...
As for the two infected machines, AFAIK they are still down. And don't dare turning one on, because it will damage the motherboard! Apparantly the only way he can fix them is to "reghost and reinstall" the hard drives. That is, take a hard drive from a working computer, put it in the non-working computer, and make an exact copy of it. His excuse for not doing this already? He doesn't have a boot disk.
Some of his other cool ideas include using an 8088 as a print server for a huge color deskjet used mostly to print blueprints on A1 paper. It takes between 5-30 minutes to spool. Of course his most greatest achievement would have to be setting up 386's to run windows 3.1 plus applications remotely (well, everything was stored remotely, then whatever you needed was copied, as you needed it). Imagine a class of 30 students booting windows as all needed files copy from a single server over 10baseT -not fun.
Anyways, I would be afraid this guy would install monitering and filtering software, but somehow I doubt he's capable. (wow, a whole 1 sentance on topic -sorta
--
--
"Insert witty quote here."
Only slightly off topic. Check out, if you can, DOD5220.22-M, the data recovery countermeasures document. Ever here of it? Its the specs on how to covery your tracks and not leave any evidence of your crimes. I mean, how to stop spys from finding out what I was up to. The goverment can do what the general population cannot.
zenray
I'm so fucking sick of people who don't realize time is not money but is valueable. Just because I apply for a job doesn't mean I'm the employer's property. That's why they sign papers before they hire you. The fact is if an employer wants me to cover more than a few positions I should get paid more. That way they won't interfere with the projects I do ehen I'm free.
I say if you don't pay I choose my work, if you pay I choose something else. Frankly I think we should all get a leased line instead of a company car.
The message on the other side of this sig is false.
Do not be bound by commercial gatekeepers. You
own this medium.
But you are not alone. There are millions of people without the technological sophistication to
understand the freedom implications the new communications medium suggests. You must show them.
There are many ways to approach the change. There is one for you. You must not be afraid to
show the others.
out of thin air. Why do people expect that every momemnt you learn somethinmg new. You don't! You learn some bullshit then it all cooks a while then it bears fruit. Same with work. You contemplate, think, and then after some time you lay it down on paper or program it or build or whatever it is you do.
As a result you have to wait for work to be done. all this monitoring shit is a Fascist, shallow efficiency theory fopr people who don't want to be involved just be at press conferences.
It does not work!
The message on the other side of this sig is false.
I don't buy the "big brother in the workplace" argument.
;-) If you're doing something that, if discovered by management, might get you fired then you probably shouldn't be doing it in the first place.
The bottom line is: you're at work. For most of us that means we use Company-supplied computers attached to a Company-supplied internal network. We sit behind Company-supplied desks in Company-supplied offices and work on projects deemed to be of value by Company management. In return, the company compensates us with a rather substantial number of .
When one is hired, one enters into an agreement with the Company that basically says "I will perform work for you in return for an agreed-upon amount of compensation." There is also an implied, if not outright, agreement to abide by Company policy.
If you cannot abide by Company policy or do not like the Company's methods of enforcing that policy, then it's time to find another Company to work for (there are plenty) or start your own Company.
A few years ago someone pointed a live webcam towards a street corner (it was a busy intersection iirc). Some whiners immediately cried "invasion of privacy" when they found out; they couldn't seem to grasp the concept that the intersection in question was in fact a "public place". I generally group the "big brother in the workplace" whiners into the same category. Monitoring might be bad for employee morale but then so is noticing the employee across the hall goofing off day after day while getting paid the same salary as you.
If you're at work, you're being paid to do Company work. You're probably not being paid to browse porn newsgroups or abuse the corporate network (though setting up a massive MP3 collection on the internal net is okay if you're using it to stress test the company's new RAID system
I used to work at one of the 'Dilbert top 5' companies, they rolled out some snooping software in the guise of 'Asset Control' It tracked your machine's configuration. They did have a problem with theft even at this High-tech place with a LOT of highly paid engineers. So this program would report back every day what your hardware config was. Well, then soon after we had to report all the software on the machines, BillG must not have been getting his cut.. So then the software started checking for all your executables. You'd get dinged if you had anything other than the 'Official' programs on your machine. Try telling the software police, I WROTE that program, It's my code!! They'd look at you like you're some sort of subversive... Hmmm writes his own code, better keep an eye on this one...
Then they started getting usage-based licenses, this required tracking also, the tracking program started running 100% of the time logging everything used on your system. It was a great tool to get rid of people, hmm, you're only using MSword 2 hours a day, you're not productive...
I guess it didnt check how much time was spent in rebooting. If you disabled it, the manager of IS came around and had a talk with your manager about you disabling corporate asset tracking software, bad news..
The only place that was safe was the lab, I took to hiding out in there with my un-monitored Sun and what the sysadmins called a 'Rogue' NT network. A friend who is still there has a Linux machine, they dont mess with him too much, but I'm sure the monitering software company is working on a Linux version.
They had the idea that if you work for them, they do own you, they had drug tests and phone logs and all that. I got fed up and left to do contract work, for them sometimes. Things there have gone downhill, control-wise. They do work that requires creativity under this evironment. They've phased in NT corp-wide not because it's better, but because they can control the desktops better. It keeps a level of fear that stops any sort of dissent, if you dont like things, dont complain becuse they have something on you, and could always trot it out and fire you. A complete list of URLs is kept for every user, if you are a good boy, no-one says anything, if you are on the 'list' be prepared to defend every URL you ever visit.
It's no surprise they are currently floundering internally despite having some new products out. This stuff started a few years ago, it takes time for a big corp to rot out it's insides until the outside world can see it, remember IBM?
It's the corporate culture of control that kills creativity and runs off your best people, when I see the top folks leaving, it's time to get out.
I'm talking about the people who are 'good' , everyone knows who they are, with the exception of PHBs and other weasel-types. They are the folks who really make things work. They dont have to put up with any crap. At the first sign the best jump, then as the BS rises, more leave and your dont ever see them replaced, sure, warm bodies may occupy thier old cubes, but things dont get done.
(been there, done that, got the hell out...)
Living well is the best revenge...
Starman97@Gmail.com (bring it on spammers)
Wow! Most of your friends, huh? It must be an epidemic!!!!
Listen kiddie: what kids SAY they will do in college and what the end up doing are two different things.
Germany will never be known for having police
and soldiers who are able to think.
Sorry to punish you for what your ancestors did,
but those are the breaks when your ancestors did
the worst thing in the 20th century.
I get to be labeled the IS Nazi ...
I think you got that label because you didn't
raise the slightest dissent while being assingned the role. Don't you dare pass the buck to the other employees.
Oh wahh.
Oh no, how unfair of them to monitor what the $2000 computer they let you use in your $500 desk on $100/mo of floor space while they are paying you $50,000 a year, using their $2000/mo internet connection and $100,000 in network servers. BOO HOO.
Feh.
This type of software has been around for years. Three years ago I worked on an app that was the first that did this nicely and neatly on M$ platforms. The technology to do this for years, it's just that no one bothered to make the nice packet decodes and filter rules for cute reports designed for non techie types. They sold shit loads of copies and developed a second rev, but the company's board got chicken when the company started getting death threats from people that were getting busted doing very bad things. They gave up on the software to refocus on other things. Now there are a half dozen apps that do the same thing. Yawn. Been there Done that
OK, you made you point. Here's the deal -
One company I know made it a policy for people to sign in at 8 AM, to make sure they came in on time (or they didn't get paid). Now there were two types of reactions:
* Some people were pissed off and thought it was stupid and authoritarian
* Some said "This is a good policy. It will make sure everyone comes in on time. After all, the employer has a right to expect us to work hard."
You belong to the second category, which we shall refer to as "weasels". The weasel has a feudal mentality, and likes to support his ruler's rights.
Nobody is saying the employer doesn't have the right to make policies. Fuck, the company can make it a policy to time clock visits to the restroom. Sure, they have the right to log every key stroke and mouse click. And it's remarkable that you people actually support it.
"The honest employees have nothing to fear". My, such a proud little boy scout. I bet your shoes shine bright too.
As for the psychology of people who "think cubicle drones and PHBs are the norm", who said it's the norm. You're kinda thick, aren't you? I was asking about EMPLOYEES who support a company policy of monitoring EVERY key stroke. By definition, that is a very authoritarian and controlled atmosphere.
OK, you made you point. Here's the deal -
One company I know made it a policy for people to sign in at 8 AM, to make sure they came in on time (or they didn't get paid).
* Some people were pissed off and thought it was stupid and authoritarian
* Some said "This is a good policy. It will make sure everyone comes in on time. After all, the employer has a right to expect us to work hard."
You belong to the second category, which we shall refer to as "weasels". The weasel has a feudal mentality, and likes to support his ruler's rights. He squeals on those who surround him, for no other reason than a pat on the head and his own petty morality.
Nobody is saying the employer doesn't have the right to make policies. Fuck, the company can make it a policy to time clock visits to the restroom. They can make it a policy to sing the company song. Sure, they have the right to log every key stroke and mouse click. What is remarkable is that you people actually support it.
"The honest employees have nothing to fear". My, such a proud little boy scout. I bet your shoes shine bright too.
As for the psychology of people who "think cubicle drones and PHBs are the norm", who said it's the norm. I was asking specifically about the most Fascist office - about EMPLOYEES who support a company policy of monitoring EVERY key stroke. By definition, that is a very authoritarian and controlled atmosphere.
And for the AC who posted below that he does the sniffing - what a pathetic life you lead, proud to monitor your co-workers with an air of superiority ("we are exempt from it"). Big fucking deal. Bet that impressive claim gets you a lot of dates.
------
"I was just doing my job" - Nazi soldier.
------
I counted more than there were instances of the Fuck word in "Scarface". Just look for the Pro-monitoring arguments. :)
All companies monitor employees to a certain degree and more often than not make the employees aware of such practice.
But 'Stealth monitoring' = Entrapment. Pure and simple. I've been witness to the true extent of abuse this power can afford the upper management hatchet boys. I've also seen some right little shits shown the door. There's nothing really dignified about having to skulk about in your own backyard.
Disrespect your employees and you can expect the same sentiment in return, then you'll be looking at much worse issues than abuse of work practices.
As an aside, lets start monitoring the sysadmins, the true core of irresponsible computer abusers.
I know, cause I do
There is no place or time where privacy is not merited, and I am glad to say that this kind of monitoring without the employee's knowledge is illegal in the Netherlands.
No one can understand the truth until he drinks of coffee's frothy goodness.
--Sheikh Abd-Al-Kadir, 1587
You make an excellent point about the danger of monitoring re insider stock information. I think the same argument could be made for medical privacy in a hospital, credit privacy at a credit company, or confidentiality of sources at a newspaper. Any company or government agency that claims to protect anyone's privacy has issues if they monitor their employees.
In the context of current law though, I don't have an answer to this. If an employee engages in illegal activity thru company equipment then seizure for evidence is a possibility. Also harrasment suits from employees offended by other's tastes. To prevent that the company must become their own police force to catch criminals and harrassers before the real police or courts can.
The question is whether the loss of employment and productivity due to the surveillance outweighs the risk to the company. For a small company this argument is more convincing, chances of criminal employees are not very significant, and harrassers are usually pretty well known as such fairly quickly. For a large corporation the equation isn't nearly so clear, they are almost gauranteed to see abuses. I still think zero tolerance for any discovered abuses plus insurance for liability might be a better route for them, especially given your arguments about liability due to additional people seeing critical information.
If they monitor you, consider setting a trap of sorts. Perhaps saving important work to "porn.gif" or something. Then the clueless try to bust you and make fools of themselves. Maybe they even delete the file so you can point out how they kill productivity.
For the really advanced, try cracking the thing so it sends bogus reports...
Monitoring what people do while online is in a way a form of discrimination. Why do I say this? On any given day I see or hear numerous co-workers having a personal conversation on the phone, "shooting the breeze" with someone in their office or in the hallways, taking more than the designated 30 minute lunch break, reading the newspaper, and so forth. Are we paid to do any of these things? No. So what's the difference in this and taking a few minutes online to read the news on CNN or check the weather forecast? Where do you draw the line? Monitoring the internet for illegal activity (State and Federal laws) I can understand. Monitoring activities to see if people are working 100% of the time, I cannot. I've never known anyone who didn't need a break ever now and then. I know many people can do in 4 hours what others take several days to accomplish. The bottom line is "Does the employee get the job done?" If so, leave them alone.
The attitude of this Anonymous Coward sucks considerably, but he points to an interesting problem - the evidence value of certain digital information.
I am a bit disturbed, because most networks at companies and universities I have worked so far, were pretty unsecure. And if I know how to do so, there are likley to be some other folks around who have that knowledge too.
It is hard to say what I would do, if someone planted comprimising material on my workstation. How should one defend oneself against such. If noone actually saw me downloading, the case will be based on matters of evidence. So I would like to know what kind of digital information actually gets accepted as evidence by court.
I was always surprised to see how e-mail memos were brought up in US trials, like the Microsoft one, or some case when a programmer at Borland left. After all such is so easy to forge, isn't it? Same holds for firewall logs etc.
In the end, depending on your relation with the company, it might damage trust and reputation considerably and ultimately force one to leave anyway.
Monitoring performance is not the same thing as monitoring exactly what a person does.
It seems these companies can't check that employees are doing what they should, so they turn to checking that employees aren't doing what they shouldn't.
Every point you make is true, but it is not the same as the issue we are discussing. The whole point is that companies _ought_ to be able to evaluate what the person produces, just like you said, instead of checking exactly what or how they did it.
If some secretary is so brilliant that (s)he can surf the net with the left hand while typing a document with the right, then if I were the boss, I'd have no problem with it.
I don't see the value in knowing exactly how much time the person spent in Word or how much time they spent compiling. The only interesting thing ought to be the amount and quality of the result.
I have very little respect for companies who have such poor process that they can't measure the performance of employees and the team as a whole so as a last resort they have to turn to things like these.
If you can't measure the result of an employee, you're not going to get rid of the real slackers anyway! They might stop goofing off at the computer but they will bring the latest Grisham novel to work instead. What do you do then? Install cameras in the bathroom?
Companies definitely have the right to demand good work from their employees. A good company will know whether they are getting good work or not.
I happen to agree with the employers. I was pissed at my high school(alternative one thats all computer based) years back because they took Doom off the computers and some cool shareware and you want to know what the schools computer teacher/sys admin said? Tough. These computers are not yours. We offer them for you to use as a service for you to help get work done. SInce this school was based on the bussiness world you can bet the same things from them. Do you have any constitutional rights at work? NO! It sucks but its private property and the computers are owned by the company and CEO. They are there for you to work. Goofing off by browsing web sites or playing games is no different then atching TV on the Televisions intended for presentations. I know its invasion of privacy and freedom of speech but the laws only apply to your own computers and goofing around makes the sys admins job harder. As a jr level sys admin, I want to just do my job and not have all the windows clients screwed up from constant installations of shareware. However I do think that for ethical reasons employers should warn there employees that they do monitor internet usage. The good thing is that most companies do have such a policy. But again its ther computers bought for work only. Dull as it is, thats the way it has to be.
Sorry to bust balls on this, but when people talk about Big Brother it really ticks me off. Has anyone read 1984? If you have, you know that Big Brother has come to mean something completely different in our society than it did in Oceania.
Sure, Big Brother was omnipresent in everyone's life, but he was a welcome presence. He brought security and order (much like Nixon promised when he got elected). People accepted the monitoring because they valued these other things more then their own privacy. Even Winston didn't mind the invasion of privacy so much, he was rebelling against the control of ideas and lack of idealogical freedom within the system.
So whereas we go ballistic at any mention of Big Brother, the people of Oceania _loved_ Big Brother. So the comparison is faulty.
As for the monitoring software, it only has partial, minimally significant aspects of Big Brother. On the other hand, these aspects are also the most disturbing ones.
dd
"if you hang the blame on the wall
there'd be a frame around us all" - Jay Farrar
Employers have been "monitoring" their employees in some way or other forever. Since most people aren't doing piecework anymore, it's kind of hard to gauge productivity, especially in the "service" sector or other job areas where there's no good measure of productivity. Couple this with a web-enabled PC, and you have the *ideal* environment for totally screwing around. Loads of BS games, email to friends, but no work getting done.
The fact that some employers would want to ensure that their employees are actually working and not screwing off is hardly surprising. A salary isn't a right, it's a privilege you earn by doing meaningful work. It's tiresome to hear people whine about their employers actually wanting to know what they're doing as they sip coffee.
The only credit I'd give the anti-monitoring crowd is that I wish employers would be more direct-dealing with employees. But the leftists have pretty much eliminated the employer's ability to deal directly with employee malfeasance for fear of racism, sexism, homosexism, or some other nonsense the lazy and shiftless are goaded into claiming by the legal profession.
We've had several employees where I work get canned with secretly gathered email. They weren't out-and-out fired up front for their REAL problems because management was so scared that the employees would claim discrimination of some kind or other that they just gathered BS evidence and canned 'em for that instead.
If you use hushmail at work, be sure to check those processes. Otherwise your employer gets your username and passphrase. So much for your 1024-bit encryption!
I'm writing this from work, on company time. I'm playing devil's advocate, but... Let's consider this for a minute from the point of view of the employer.
/. just because one person stays on it all day? Should all web access be cut off because one person has a thing for kiddie-porn? Should all employees have to live within restrictive disk-quota policies because someone is running a rogue web business off of the company server?
- It is simply too much work to monitor all employee's 'break' habints individually.
- Many employees (ab)use work resources for their entertainment or personal gain.
- All employees are paid for a certain number of hours of WORK in a day.
When I work, I am paid for my 8 hours, plus OT as needed. I expect to be paid for that amount of time, so why should the employer not expect to get that much work out of me?? It's only fair, equal work for equal pay and all that. In this, the employer is simply protecting itself from exploitation by workers. (the degree of 'break' is at issue though)
Monitoring individuals is a resource black hole. It can not be done effectively without devoting a significant staff and resources. An automated monitoring system serves to gather statistical data about employee work and break habits, so that these statistics can be used to reduce privilige to 'acceptable' levels. What counts here is a conscientious and sensible HR/IT regulator that defines what 'acceptable' is. And hey, if we feel that our surfing during work hours is reasonable - and we expect out employer to trust us, why should we not trust that regulator to NOT be a slave-driver? If the average stats show a reasonable non-work usage, fine.
If certain individuals skew the stats, they are singled out. Isn't that fair? Would we want to lose all access to
Monitoring helps the company protect itself legally from those few employees who abuse and expose the company by engaging in questionable or unprofessional behavior on company time.
Monitoring helps the company protect itself from widespread abuse, by allowing the tailoring of 'freedom' to within acceptable levels.
We have to remember that while we are being paid for our time, we are renting ourselves to the company. Our employment agreement states that we are there, working, for 8 hours per day. If we are not, then we should not be getting paid for that much time. If we are, then we are violating the terms of our rental agreement.
We are the ones exploiting the employer, not vice-versa.
-- What you do today will cost you a day of your life.
I can't help but think that using software such as this to monitor your employees (or students) is, well, pretty damn malicious. The last thing I'd say any company would want is an atmosphere where people phear The Management. Of course, this kind of atmosphere is exactly what so many companies out there actually have already, so that argument probably won't work... but what about this one:-
So, we're collecting all the keystrokes? Even the ones for passwords? Everything you type, confidential documents, the lot? And then emailing it to your boss?
Now, try to think like a malicious cracker for a moment. Grow younger by X years (where X is any appropriate integer), switch 90% of your brain over to caffeine, get yourself into a mental state where Beavis and Butthead laughs (heh, heh) sound normal. (Drugs are optional.) Heh. Heh.
(Don't worry, it won't be for long enough to cause psychological damage. Probably. )
Now all Mr. (Master? (Miss?)) Kiddie has to do is crack your boss's email account, then - presto, swimming in account passwords, company secrets, you name it. A single point of attack. Heh. Heh. Hey, and they don't even have to get some bozo to install kiddietools like BO2K for them, because some bozo already bought the cracktools, actually went and paid for a site license for them... (What security model are you using, people? Hoping the Nasty People laugh so much and so hard that by the time they picked themselves off the floor, they forget what they were doing?!)
Now, how might they crack the boss's email account? I mean, it's not as if anyone or anything's watching the boss type his password; is it...?
Okay, you can (sober|grow) up now. (Again, optional.) I've made my point.
People with a Clue should probably avoid software of this kind like the plague, and view with righteous suspicion anyone who would try to use it. In fact, people with a Clue should probably remove the software from any machines they actually need to properly use, on the grounds of it being a security disaster waiting to happen.
But hey, I'm preaching to the converted here. If more PHB's read Slashdot, then... er... well, okay, then everyone else would probably move out, in case their PHB noticed how much time they were spending reading it.
--
I've had to setup monitoring software in the past for an employer (past-tense, thank you), to try to catch someone creating credit card accounts for themselves... I balked at the request saying that this was an Orwellian practice and was surely trampelling her rights as an employee. HR assured me that all the CSRs had to sign agreements acknowledging that they could be spied upon... but when I asked for a copy of this standard agreement to put my mind at ease... they couldn't find one... "oh, we're out of copies".. funny every other standard document was stored on the server... So I ended up abiding by their evil wishes and when I did setup the client to monitor her PC... I left her a typed note (from Anonymous Coward, no less) saying that we knew what she was doing and to stop immediately. I'm not sure if they ever got anything from the spying software but they had enuff other evidence to convict her anyway. Some of the arguments HR used when I didn't want to proceed with the action (I even went so far as to offer typed instructions of how to do it so I'd feel a little better morally)... they attacked me instead... "SO!!! you think its alright to steal from the company..." No, but if I wanted to be a cop I'd have sniffed glue to lower my intelligence and enrol at the academy... If the company makes everyone painfully aware that they can be spied on... Posters on every wall warning that Big Brother is indeed watching you... FINE. But when companies are left to police themselves, they will ultimately use the tool for less than moral purposes.
It is possible to use a separate conversion utility that will convert the file in question to something in the .p?m family and then use aview to to various graphic correction the invert the file so that it will display on white paper and reduce the avaible font to 1pt.Optionally if it is big enough use the cut and split program to fit it to the avaible printer buffer memory. Then cut out the sections that are of use and you can have billboard representations of your favorite pics with no need for large graphics hardware limitations. Plus at 1pt you are basically looking at pixels anyway. Just means it's greyscale.
"Put simply, employees don't have a right to privacy on the job, and they don't have any right to expect to be trusted purely by virtue of being employees"
I can't say I agree with this. I believe everyone is entitled to their privacy no matter where they are. Due to the way our economy works, you HAVE to have some sort of income in order to survive and this usually means having a job. Since you are forced to have a job, by your statement, you'd be forced to give up all of your privacy for around 50% of your day (not including time that you sleep) for 5/7 days per week.
Now, I'm not advocating that employees should run amok here, but I agree with the original poster that the end result of your productivity is more important that how you achieved it. So if an employee is doing poorly, then look into it and if it turns out that it's because they've been surfing all day and not doing any work then take appropriate action.
But if the employee's actions could harm the company legally, financially, or reputationally then there's an issue. But how are you supposed to know this is going on unless you actively monitor? I don't know..
Guess "document contains no data" doesn't mean it wasn't posted ;)
This battle has been raging for a long time but I think that it must be dealt with now before it gets worse. If an employer can not monitor phone coversations then they should not be able to monitor Internet activity unless there is a reason to do so (like missing money, accounts being taped, etc). /. several times day, it is not a problem. His work is getting done and his surfing is not creating a need for a new T1. The old ways still work fine for determining if a guy is goofing off. If he can't get his work done in a timely manner then he isn't suited for the job. If overall net usage spikes a tremendous amount (read: porn site running from his box) then you can easily tell he is abusing the system without these privacy destorying programs.
Will this hurt the company? No. The fact is, if Joe Programmer can get all his work done while posting to
A company can not be allowed to assume that all employees are guilty until provent innocent by some program. There must be trust for any successfull business relationship.
-- soldack
How does it feel to know that people like you are EXACTLY the reason that employeers NEED to spy on employees?
I can put a kiddepr0n image on my main web page with the IMG tags set to HEIGHT=1 and WIDTH=1. Netscape or IE will load the WHOLE image then display it at 1x1 pixel. You will prob not even notice if the image is small and loads fast. ou certainly will see nothing. But check your cache. The whole image is there in all its glory. When the copy kick down the door, delete the browser cache first. You may be surprised at what's in there.
Haven't you already figured out about a dozen of other people's passwords? You might still be logged at the same machine, but not the same user.
I have a big bag full of two cents and I'm coming your way.
I see even classic Slashdot is now pretty much unusable on dial up anymore.