Exact match. Not showing close matches.
PICList
Thread
'[OT]EMPLOYER SNOOPING'
2000\03\06@234404
by
engalt
I have heard at work that peoples computers are being logged into by the
systems administrator and emails and files are being looked at. From
what I am told my Outlook mail can be gotten into by the administrator
even if he doesn't know my password.
Does anyone know of any monitoring software I can install that will log
which files were accessed and if my email was accessed and by who?
2000\03\07@021431
by
Rich Leggitt
Sure, your mail is on his machine after all, perhaps a big text file named
/var/spool/mail/engalt. He can read it, write it, delete it, whatever.
Have you considered web mail? -- Rich
On Mon, 6 Mar 2000, Brian kraut wrote:
{Quote hidden}> Date: Mon, 6 Mar 2000 20:42:14 -0500
> From: Brian kraut <
spam_OUTengaltTakeThisOuT
earthlink.net>
> To:
.....PICLISTKILLspam@spam@MITVMA.MIT.EDU
> Subject: [OT]EMPLOYER SNOOPING
>
> I have heard at work that peoples computers are being logged into by the
> systems administrator and emails and files are being looked at. From
> what I am told my Outlook mail can be gotten into by the administrator
> even if he doesn't know my password.
>
> Does anyone know of any monitoring software I can install that will log
> which files were accessed and if my email was accessed and by who?
>
2000\03\07@065837
by
Alan Nickerson
|
Thats one of the reasons I run my own mail server...
Alan
----- Original Message -----
From: "Rich Leggitt" <rleggittKILLspamconcentric.net>
To: <.....PICLISTKILLspam.....MITVMA.MIT.EDU>
Sent: Tuesday, March 07, 2000 2:12 AM
Subject: Re: [OT]EMPLOYER SNOOPING
{Quote hidden}> Sure, your mail is on his machine after all, perhaps a big text file named
> /var/spool/mail/engalt. He can read it, write it, delete it, whatever.
> Have you considered web mail? -- Rich
>
> On Mon, 6 Mar 2000, Brian kraut wrote:
>
> > Date: Mon, 6 Mar 2000 20:42:14 -0500
> > From: Brian kraut <
EraseMEengaltspam_OUTTakeThisOuTearthlink.net>
> > To:
PICLISTspam_OUTMITVMA.MIT.EDU
> > Subject: [OT]EMPLOYER SNOOPING
> >
> > I have heard at work that peoples computers are being logged into by the
> > systems administrator and emails and files are being looked at. From
> > what I am told my Outlook mail can be gotten into by the administrator
> > even if he doesn't know my password.
> >
> > Does anyone know of any monitoring software I can install that will log
> > which files were accessed and if my email was accessed and by who?
> >
>
2000\03\07@074904
by
John Pfaff
If you're running any flavor of Winbloze, once you log out and the
administrator logs in, anything you would have set in motion (such as
logging software) stops. The administrator has COMPLETE access to the hard
drive. One alternative might be to use removable storage for you e-mail
(Zip disk, LS-120 or the like). Then remove it when you leave for the day
(or even for lunch).
{Original Message removed}
2000\03\07@173036
by
Andrew Hooper
(The following is just an idea, and if anyone uses it then it is at their
own rist)
Removable devices are really good for this, but when you dont have one in
your system
then your a bit stuck, if this is the case try this.
Write an application that uses a command line driven application like PKZIP
or
you could even use one of the PGP archivers, then archive everything that is
in
you mail folder and delete any unarchived information.
When you arrive, unzip or unarchive the data, when you leave zip it up.
pkzip allows you to use a password, it can be cracked but i dont thik the
admin
would bother.. (then again you never know).
You could even replace the deleted data with some fake stuff just so you
dont
draw attention to the fact that the files are not there, if they are not
there he is
going to wonder where they are anf go loooking for them.
Regards
Andrew
{Original Message removed}
2000\03\07@210511
by
Dale Botkin
|
None of the ideas presented for email privacy will apply:
1.) ANY time when the employer uses Exchange for email (which most with
more than a few employees do); or
2.) Between the time mail arrives at the server and the time the user
retrieves it, in the case of an SMTP/POP or IMAP server; or
3.) Ever, if the employer *wants* to read your incoming mail. All that is
needed is to configure the mail server to copy all of your mail to another
email box as it arrives.
If your employer uses Exchange, the mail admin can do pretty much anything
he or she wants, without your knowledge, and there's no way for you to
detect it. Ditto for any Unix/Linux/Solaris system using SMTP/POP/IMAP.
I don't know about Lotus Bloats, but I suspect it's the same.
Face it -- it's the employer's server, and you most likely signed (or at
least were advised of) a pretty Draconian email policy when you went to
work there. Your choices are to use a Web email service (better be a
secure one, if they have a proxy server at work!), or don't use the system
at work for personal email at all. Of course, if you can telnet out from
work you can telnet to an external host and use Pine or elm or whatever to
read your non-work email.
Wish I had better news for you. By the way, as a former employer, former
ISP, former sys admin (two previous lives), current sys admin (at home)
and current non-mail-admin employee (at work), I pretty much know the ins
and outs...
Dale
On Wed, 8 Mar 2000, Andrew Hooper wrote:
8< snip...
> Removable devices are really good for this, but when you dont have one in
8< snip...
> When you arrive, unzip or unarchive the data, when you leave zip it up.
---
The most exciting phrase to hear in science, the one that heralds new
discoveries, is not "Eureka!" (I found it!) but "That's funny ..."
-- Isaac Asimov
2000\03\07@234356
by
engalt
|
I found out today that all the mail coming in, and presumably going out, is
forwarded by our mail server to another email address. Therefore no one even
needs to go near my computer to read my mail.
I only use my email and Net access at work a total of about 1/2 hour per week
for personal use. I also work about 60 hours a week on salary so they get 19
1/2 hours a week free from me and would probably not complain about "abuse".
However, I am pretty pissed about being spied on. What's next, cameras in the
bathrooms?
Also, does anyone know the leagality of someone listening in on your phone
calls without your conscent at work? Not recording them, just listening in.
John Pfaff wrote:
> If you're running any flavor of Winbloze, once you log out and the
> administrator logs in, anything you would have set in motion (such as
> logging software) stops. The administrator has COMPLETE access to the hard
> drive. One alternative might be to use removable storage for you e-mail
> (Zip disk, LS-120 or the like). Then remove it when you leave for the day
> (or even for lunch).
>
> {Original Message removed}
2000\03\08@003018
by
Tony Nixon
Brian kraut wrote:
> However, I am pretty pissed about being spied on. What's next, cameras in the
> bathrooms?
>From memory, I think a major company over here does time employee
bathroom visits. Cameras are there too.
--
Best regards
Tony
http://www.picnpoke.com
@spam@salesKILLspampicnpoke.com
2000\03\08@013537
by
William Chops Westfield
Reminds me of the time, long ago, that I, a "Jr Systems Programmer" on a
university mainframe, decided to abuse my privlidges and read my boss's
mail. His mail file only had ONE message in it, which read:
"By the way Bill, why are you reading my mail?"
That's one way to lose a bad habit...
BillW
2000\03\08@015446
by
William Chops Westfield
I found out today that all the mail coming in, and presumably going
out, is forwarded by our mail server to another email address.
Therefore no one even needs to go near my computer to read my mail.
It's a computer. The only way you get privacy is via encryption. I find
it easier not to care very much, as long as no one complains about the sort
of mail I might be receiving. Check your company's email policy - chances
are so-so that sysadmins can't randomly start reading your mail, they might
need to have "cause" (not necessarilly involving YOU, unfortunately.)
Abusing sysadmin privledges without just cause is usually a MUCH more
serious "crime" than using the company's servers/nets for personal use.
BillW
2000\03\08@091803
by
M. Adam Davis
|
|
Brian kraut wrote:
> Also, does anyone know the leagality of someone listening in on your phone
> calls without your conscent at work? Not recording them, just listening in.
Check with a lawyer. There are differences from state to state and country to
country, and the type of phone call makes a difference as well.
IMO, if your company is doing all of that to you then you should seriously
consider working elsewhere. It is obvious that this is getting to you, and is
going to be affecting your work. Knowing that someone is always looking over
your shoulder can be demoralizing, and productivity suffers. The only cases
where this may be appropiate is when the employee is conducting illegal
activites while at work, or if the employee is disclosing company information to
others which is not public. Unfortunately many businesses feel that to prevent
it from occuring they need to monitor everyone all the time.
Out of curiosity, how are you finding out that your company is doing all this?
I've known people to drive others paranoid by telling them they are being
watched in various ways as a joke.
As an aside, I see you are using earthlink as your email. I'm assuming you have
an account with them, which you access from home and work. Your employer only
has access to that mail if you are accessing it at work. They cannot make
copies or forward that mail unless they have control of the account, or you are
accessing it at work.
I would strongly suggest you obtain an email account which has web access with
strong encryption. That way you can access your email at work with your
browser. They will not be able to see what's going over that encrypted link.
-Adam
2000\03\08@092843
by
D Lloyd
|
|
Hi
See below:
"M. Adam Davis" <KILLspamadavisKILLspamUBASICS.COM>
08/03/2000 14:16
Please respond to pic microcontroller discussion list <RemoveMEPICLISTTakeThisOuTMITVMA.MIT.EDU>
To: spamBeGonePICLISTspamBeGoneMITVMA.MIT.EDU
cc: (bcc: Dan Lloyd/GBPTD/ABB)
Subject: Re: [OT]EMPLOYER SNOOPING
Security Level:? Internal
Brian kraut wrote:
> Also, does anyone know the leagality of someone listening in on your phone
> calls without your conscent at work? Not recording them, just listening in.
Check with a lawyer. There are differences from state to state and country to
country, and the type of phone call makes a difference as well.
IMO, if your company is doing all of that to you then you should seriously
consider working elsewhere. It is obvious that this is getting to you, and is
going to be affecting your work. Knowing that someone is always looking over
your shoulder can be demoralizing, and productivity suffers. The only cases
where this may be appropiate is when the employee is conducting illegal
activites while at work, or if the employee is disclosing company information to
others which is not public. Unfortunately many businesses feel that to prevent
it from occuring they need to monitor everyone all the time.
Out of curiosity, how are you finding out that your company is doing all this?
I've known people to drive others paranoid by telling them they are being
watched in various ways as a joke.
As an aside, I see you are using earthlink as your email. I'm assuming you have
an account with them, which you access from home and work. Your employer only
has access to that mail if you are accessing it at work. They cannot make
copies or forward that mail unless they have control of the account, or you are
accessing it at work.
I would strongly suggest you obtain an email account which has web access with
strong encryption. That way you can access your email at work with your
browser. They will not be able to see what's going over that encrypted link.
**** This is not entirely true. If your PC is on the network, there are
unobtrusive tools for obtaining snapshots of desktops, much in the same way as
Netbus and other 'point and click' trojans can. This come under the guise of
"remote admin configuration tools" for site software admin (WinVNC)....hence can
be claimed to me "multi-purpose" and not put there for direct monitoring. I
believe, in the UK, it is not illegal for an employer to monitor any
activities......the only place they are not allowed to put cameras, for
instance, is toilets.
Dan
-Adam
2000\03\08@094116
by
M. Adam Davis
That is true, I did not think about that. In the end, the only way to make
certain your employer isn't looking at what you are looking at is to stay away
from their equipment.
-Adam
D Lloyd wrote:
{Quote hidden}> **** This is not entirely true. If your PC is on the network, there are
> unobtrusive tools for obtaining snapshots of desktops, much in the same way as
> Netbus and other 'point and click' trojans can. This come under the guise of
> "remote admin configuration tools" for site software admin (WinVNC)....hence can
> be claimed to me "multi-purpose" and not put there for direct monitoring. I
> believe, in the UK, it is not illegal for an employer to monitor any
> activities......the only place they are not allowed to put cameras, for
> instance, is toilets.
>
> Dan
>
> -Adam
2000\03\08@135251
by
William Chops Westfield
In the end, the only way to make certain your employer isn't looking
at what you are looking at is to stay away from their equipment.
Yep. Including the network, of course. Even if you have your own PC
running a "secure" operating system, packets going to and from it are
easilly sniffed...
BillW
2000\03\08@140920
by
Fansler, David
2000\03\08@141546
by
Spehro Pefhany
At 02:07 PM 3/8/00 -0500, Fansler, David wrote:
>To read a really chilling recent development, check out this story.
>http://www.msnbc.com/news/378768.asp <http://www.msnbc.com/news/378768.asp>
Or save the money and install bo2k (free) and you can get streaming
video of your employee's desktop as they (supposedly) work at home,
no matter where you are.
Say, with convergence of TV & Computers, we may finally realize the
dream of 1984.. just a couple of decades late..
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Spehro Pefhany "The Journey is the reward"
speffEraseME.....interlog.com
Fax:(905) 271-9838 (small micro system devt hw/sw + mfg)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2000\03\08@210926
by
Herbert Graf
> That is true, I did not think about that. In the
> end, the only way to make
> certain your employer isn't looking at what you are
> looking at is to stay away
> from their equipment.
You could always use a personal firewall and
block all ports not used by you. Probably they only
ports you would need to open are http (80), https
(88??) POP and SMTP (25 and 110?), close all other
ports. Then, as long as you use an encrypted connected
they won't be able to monitor over the network.
However, they can still run keycapture and screen
capture programs locally on your machine and access
them after you leave. As long as you are using their
equipment and resources there is no way to stop them
completely. TTYL
2000\03\11@215948
by
Jeffrey D Spears
|
I say, securite by obscurity. Put yourself on the PicList for buisness
reasons. Any sysadmin would go absolutely CRAZY trying to find naughty
little emails mixed in with all the emails generated by the Piclist.
On Tue, 7 Mar 2000, William Chops Westfield wrote:
{Quote hidden}> I found out today that all the mail coming in, and presumably going
> out, is forwarded by our mail server to another email address.
> Therefore no one even needs to go near my computer to read my mail.
>
> It's a computer. The only way you get privacy is via encryption. I find
> it easier not to care very much, as long as no one complains about the sort
> of mail I might be receiving. Check your company's email policy - chances
> are so-so that sysadmins can't randomly start reading your mail, they might
> need to have "cause" (not necessarilly involving YOU, unfortunately.)
> Abusing sysadmin privledges without just cause is usually a MUCH more
> serious "crime" than using the company's servers/nets for personal use.
>
> BillW
>
Jeffrey D. Spears
University of Michigan
College of Engineering
``Double-E, can't spell gEEk without it!''
-Captain Gerald M. Bloomfield II, USMC
(my brother)
2000\03\11@230554
by
engalt
|
|
They are probably going crazy downloading all the Autocad drawings I get anyway.
Jeffrey D Spears wrote:
{Quote hidden}> I say, securite by obscurity. Put yourself on the PicList for buisness
> reasons. Any sysadmin would go absolutely CRAZY trying to find naughty
> little emails mixed in with all the emails generated by the Piclist.
>
> On Tue, 7 Mar 2000, William Chops Westfield wrote:
>
> > I found out today that all the mail coming in, and presumably going
> > out, is forwarded by our mail server to another email address.
> > Therefore no one even needs to go near my computer to read my mail.
> >
> > It's a computer. The only way you get privacy is via encryption. I find
> > it easier not to care very much, as long as no one complains about the sort
> > of mail I might be receiving. Check your company's email policy - chances
> > are so-so that sysadmins can't randomly start reading your mail, they might
> > need to have "cause" (not necessarilly involving YOU, unfortunately.)
> > Abusing sysadmin privledges without just cause is usually a MUCH more
> > serious "crime" than using the company's servers/nets for personal use.
> >
> > BillW
> >
>
> Jeffrey D. Spears
> University of Michigan
> College of Engineering
>
> ``Double-E, can't spell gEEk without it!''
> -Captain Gerald M. Bloomfield II, USMC
> (my brother)
More... (looser matching)
- Last day of these posts
- In 2000
, 2001 only
- Today
- New search...
