Why You Don't Surf For Porn If You Work For The Government
from the defies-reason dept
Data leaks are bad. Data leaks by government agencies are slightly more irritating. But how about a data leak at a government agency, thanks to a state employee getting a computer infected with a trojan by surfing porn? In another triumph for reactive security, the trojan sat on the computer undetected for four months, and only came to light after the employee got caught surfing porn at work and was fired. Oregon officials say its “anti-malware filters” didn’t pick up the trojan because it was so new, the security software didn’t recognize it. Uh, okay, but the real cause of this problem is the bonehead employee looking at porn on a state-owned computer. Though the person got fired, will there be any repercussions for either them personally, or the state? That’s pretty doubtful. Until that changes, don’t expect to see these data leaks subside.
Comments on “Why You Don't Surf For Porn If You Work For The Government”
WOW
I never knew they could do such a thing.. DID I mention IM FIRST!!!!!!!
Re: WOW
techdirt.com is a shit site
DUHHH
ITS called NOVA NET or RSClient
Norton subscription expired
Bet that the virus wasn’t that new rather they hadn’t updated their subscription.
*****Avast antivirus for 64bit****
Re: Norton subscription expired
FINALLY! a fellow Avast user! – honestly, why do people think they have to pay for subscriptions to Norton or any other? is it just because none of their friends like em enough to tell em about Avast and SpyBot?
Re: Re: Norton subscription expired
You’re not alone! Many porn sites I hath surfed for years while being shielded by a deadly-duo of Avast and SpyBot.. with an occasional Ad-Aware and weekly CCleaner for good measure. Not to mention heavy legitimate work, and leisure things, the typical p2p and gaming. Intercepted viruses, yes, as it should, but ever let one infect me and have to pick up pieces later? Not a once!
Excluding Linux, some of the best things can be free. Kaspersky I feel is better, but why pirate when Avast can be legitimately free, and why pay when, again, Avast is good and free. Save that money to support good PC games instead.
Re: Re: Re: Norton subscription expired
Oh, and on top of those, every good geek worth his beans has broadband, which almost always means a router, which almost always means a decent (free) hardware firewall. Again, free!
Re: Re: Norton subscription expired
It wouldn’t have helped, because the infected machine was a work computer, not a home computer. Avast is only free for personal, non-work use, and using it any other way is piracy. Having said that, though, I wish they had paid for Avast in order to support the free version.
Re: Re: Re: Norton subscription expired
Re: Norton subscription expired
It was on the PC for 4 months! any trojan 4 months old should be in your virus defenitions
Re: Re: Norton subscription expired
Well said.. well said.
Re: Re: Norton subscription expired
Oh, and by the by, norton has really lost their gusto, although they used to be the best they are now a-vastly over rated.
Re: Re: Norton subscription expired
Oh, and by the by, norton has really lost their gusto, although they used to be the best they are now a-vastly over rated.
NOC
Yeah you would have to have a full time staff to monitor all of the employes…… HOW about WEBSeNSE or do a router block on PORN… or do the AA Automatic alert when there is a Security breech or access block
Shouldn’t the PC have been locked down so that only the IT department could install new software, anyway?
Re: by Simon
Sorry, it’s just not that easy. If your IT dept locked the systems down that hard, you would be whining and crying about it, and callling your IT dept the new Jack-Booted Gestapo.
Users have a responsibility to use their computers as the tool for the task that the computers are given to them to accomplish.
Remember, Locks only keep the honest people honest.
Re: Re: by Simon
I beg to differ. I t has been my experience that the average end user knows slightly more about smart computing practices than a newt…
This is not even taking into account the intellect of someone stupid enough to cruise porn on the job… Much less a government job…
I do my best to educate people, but I may as well be speaking Swahili…
All the same, if everybody was a hotshot with a computer, I’d be looking for a job…
Re: Re: Re: by Simon
Simply beautiful!
Re: Re:
shouldn’t the computer be locked down so only the IT guys can surf the porn!
Who cares about the government. They are the problem not the porn.
How about the CREATOR of the Trojan
The employee isn’t a bonehead – the people who install malicious content are boneheads….
we are so accustomed to malware threats, we lose perspective – but they are wrong for doing what they did. Also, trojans are NOT limited to just PORN sites
While you could blame the employee for being naive or the IT department for NOT locking down the computer, or NOT installing security updates – or even the anti malware software for NOT “pushing” updates…
The REAL Villan is still the criminal that created the program that installed that trojan.
Re: How about the CREATOR of the Trojan
Indeed. When somebody produces a really good news site that installs malware when you visit it will they start sacking people for browsing news at work?
Re: Re: How about the CREATOR of the Trojan
Browsing news is the same as surfing porn? Where do you work?
you getting viruses from CNN and FoxNews, ESPN, etc?
Company policy might allow news sites, but pretty sure surfing porn is against ALL company policies in most work places.
Re: How about the CREATOR of the Trojan
That’s it, shift the blame.
Re: How about the CREATOR of the Trojan
It’d be impossible to track and convict all creators of malware.
Re: How about the CREATOR of the Trojan
Be for real.
Pretty sure that while the creator of the Trojan is a villiian, the government employee didn’t have porn surfing in his job description.
Last I knew, government workers were paid by taxpayer dollars.
So, if you pay ANY taxes, perhaps this might bother you. Unless society caused him to surf porn at work, against company policies..
IT Locked down
Our clients will have permission issues with my crappy sql server if they are not given admin priveleges. I’m told (probably being stroked) that Vista might fix it in the future.
Re: IT Locked down
Baloney. Learn how to construct a database properly
Re: Re: IT Locked down
Well it is true that it is a bit of a cop-out, it is all too common. Everyone on the network wants full access to what they need when they need it. The end-user doesn’t understand, nor care, about IT security. The management doesn’t understand the need either, although they pay it lip-service. Seldom are they willing to pay the piper when it comes to dishing out the dollars to fund the learning and implimnetation of IT Security. And then there are the administrators who know enough to get them by … Their skills are limited and they fall further and further behind all the time, but there are not enough hours in the day to do “this” and “that” and all the stuff on the “I’ll have to get around to it” list. But they do what they feel is theri best.
Unfortunately, only after a security breach do things usually change. So you might think the “black-hat” is the bad guy but he is also the prime motivationg factor in the fight against IT Security apathy …. Not that I condone the actions of the Hackers, and Crackers and Freaks (oh my), but without them we’d all still believe that woefully insecure computer opperating systems were great time-saving tools. Do you remember how your friends talked up Windows when it pushed DOS aside? And how each consecutive wave was supposed to be the next greatest thing since sliced bread? What about OS2? How about Mac OS X? Each in their turn has been exposed to exploits and has show us their flaws. But ask yourself, if software were to be tested until there were no flaws how much of it would actually ever make it to market?
Re: IT Locked down
Regarding the admin priveliges thing, 9 times out of 10, applying the security template compatws.inf will solve the issue. Search for info at microsoft.com. It’s part of the O/S and is applied through “Security Configuration and Analysis” mmc snap-in. Allows most legacy apps to run without giving admin rights to the user. Combine that with F/C to C:program filesprogram name and HKLM/Software/Program name, and they are golden.
Re: Re: IT Locked down
I don’t think the cure is to use the compatws.inf file to solve the Users run as Administrator problem. We used that security template when we first rolled out XP in 2002. At that time, most software was not compatible with XP. We stopped using it by 2003, choosing to instead build our own security template to adjust permissions, and also using setacl and other utils to set registry and file perms. For even the most stubborn of our apps, users having write perms to the HKLMSoftwareappname key was all they needed. Modern apps load all User run-time reg keys into HK current user. None of our users run as Admin, and we have been running this way since the days of NT. Letting your users run as admin is stupid. Sure, there are a couple people reading this right now saying how smart they are, and how they know how to maintain their computer better than their IT dept., and how it is a pain in the ass to have to wait for IT to download (fill-in handy app name here), but that is just wrong. I’m sorry, but you cannot be trusted. When we ran with the compatws.inf file, we had to purge spyware regularly, because Users cannot be trusted not to go to spyware infected Web sites and download crap to their computers. Since moving off that security template, and only setting perms on the folders and reg settings for certain legacy apps, we are mostly spyware and virus free. Yes, machines still pickup spyware and viruses into Users profile directories, where they have full-control, but the damage they can do is mostly contained. No Users as admins. Figure out how to get your apps to work on a case-by-case basis, and use centralized software deployment like Altiris to roll it out.
Re: Re: Re: IT Locked down
Sometimes I just love to call up those companies and complain about how their software doesn’t work. The user needs admin rights you say? Why? Isn’t that against best practices? Don’t you care about security? Make the low level support guy sweat a little. Act like this is an outrageous request. If you can, get a developer on the phone and pester away. Usually somebody will at least have a list of folders and keys where permissions are needed.
Negative Externalities
Simon is right. Why should I lose my administrative rights because some loser can’t figure out how to look at porn on the job without infecting her machine?
Re: Negative Externalities
I meant Annon. Coward is right—I misread his subject line. Maybe I’m too dumb to have administrative rights after all…
Re: Negative Externalities
Because you’re bad at data security. That’s why you aren’t in IT, and data security isn’t your job. It’s IT’s job. If we decide, in our infinite wisdom, that we need to lock down your computer, it might not be your fault. It might be your idiot colleague who thinks allowing any and every program, no matter how suspicious, to have internet access. Downloads every single damn attachment.
– SRNissen
Re: Re: Negative Externalities
Yes, and that idiot colleague is the reason why, when researching language materials at work, I’m blocked from getting to online dictionaries… and, as I’ve reported 3 times to our IT staff already, one of our off-network computers is still running XP SP1, with Norton AV that expired last March. If I had the permissions (both on the computer and from my bosses), it would be about a half-hour fix. Seeing that level of negligence is like fingernails on a chalkboard me.
Sigh…
Re: Re: Re: Negative Externalities
Clearly, there are incompetent IT departments around the world, too. But the important lesson to take away from this is simple: Data security is not your job – unless it is, of course – and you don’t have to do it. If IT locks your access down, it’s not because they don’t trust you, it’s because they don’t trust anybody. That will harm some people, yes. I remember well the trouble I could have with getting permissions from IT.
Think of it like this: Either everybody has the same level of permissions (Which is going to be low by default) or you’ll have to give some of your budget to IT so they can create a ranking system for the users. And if you get a high rank, and permission to fiddle with your PC, and something goes wrong, even if it isn’t your fault, you’ll take the blame because “you’re supposed to know better” and they’ll dock your pay and take your pension and make your wife cheat on you. That’s how management works mang. Just accept the low-level permissons you have, and tell your manager to talk to IT every time you need permission for something you aren’t allowed.
Re: Negative Externalities
Umm, I’m pretty sure that 95% of all our 250 users are just that USERS they are not administrators. The only reason someone would need to be an admin, is if they are remote, cant vpn in, and need to install things. Regular users shouldnt be installing things, thats just a poorly run corporation. Users should USE, their computer. If your users can do anything then your just causing yourself unnecessary(sp) problems.
Re: Negative Externalities
YES. You should only have admin rights if need it for your job. Everyone else gets the least amount of access needed to perform their job. If your job doesn’t require Internet access, surf on your own time!
Re: Negative Externalities
Why should you login to your machine with administrative rights in the first place?
Unless you are installing new software or creating users you have no need to write to the OS’s core files.
Windows is the ONLY environment where this particular form of stupidity is the “norm”. Get a clue & save yourself some effort.
It’s not about your personal rights or privilege, it’s about protecting the operating system installed on the machine, Both from it’s users and the world in general.
The real solution is
Take away every government computer, all of them.
Slow em down you say,You bet. Grind government to a halt, You bet. Eliminating every piece of electronic equipment they use will reduce government to a lost little kid just like it should be.
Oh yeah and if the idiots do manage to pass any laws they have to pay for them.
What they Don't tell you
I live in Oregon where the news about this has been out for a while, and what they don’t tell you in the article is that up to 2,500 people’s identities may have been compromised because of that looser. yes there is a problem with those who make the Trojan, the government’s computer system, and the guy, but quite frankly i don’t care about what you do on uncle Sam’s watch as long as it doesn’t put my personal info at risk.
Re: What they Don't tell you
What more don’t they tell you? The Dept of Homeland Security has a no-bid contract with ChoicePoint to mine data on ALL Americans, including DNA samples.
ChoicePoint is the data collection firm that managed to sell 145,000 persons private information, including mine, and would have kept it a secret if not for the laws of California, which require notification of those at risk. The oinly reason the media found out was because of those notices.
I’m more interested in why the focus of most of the current investigation being done on behalf of the “War on Terror” is on American citizens!
Why You Don't Surf For Porn If You Work For The Go
Hey, I work for the government (city) and the IT Department won’t let anyone have admin rights. If you want software installed or an update you have to fill out a work order and they come and install it in the next few days. The IT folks can’t figure out why they can’t keep up with the workload? I also don’t install software patches on programs I use because of the hassle to get it installed. The virus software also doesn’t let us download software off the Internet. This is public software like cost/benefits analysis from FEMA.gov website.
O’yes I am at home & off work right now & not using a City computer for this.
I work for the navy IT world and i still hate installing anything other than avast… when people bring me their personal computers i always install avast.. and spybot, corse then like boneheads they bring it back 3 months later cause they didnt register avast and didnt keep spybot updatde… sigh – someday i will kill all the dumb people
Fire IT
Users are dumb and can’t be expected to maintain their computers properly. The IT staff responsible for that employees machine should be fired. That is an example of lazyness. I would expect to there to be consequences if I let something like that happen in my environment.
Re: Fire IT
Nixr, I agree to some extent, decent A/V software is both centrally managed and requires NO intervention from the user or the administrators do download updates. My company uses McAfee’s ePolicy Orchestrator and VirusScan Enterprise, and we have 0 virus infections since we migrated from CA’s InoculateIT. Maybe if the gov’t agency would get off their duff and use the software to it’s fullest potential, things like this wouldn’t be happening.
However, firing IT because some ID10T user couldn’t stay off the pron sites while he was at work is unreasonable and unfair. Any reasonable person would expect users in a work environment to maintain SOMETHING that resembles professionalism.
My 2 cents,
DeadBeatPoet
let me get this straight
So, the malware sat on the PC for FOUR (4) months, but it was SO NEW, their filters did not catch it? My security costs $30 and it catches 95% of everything, 3 days from it inception.
Re: let me get this straight
Your paid for sercurity is updated every three days?
How horrid! My free avast is updated almost daily. Sure takes the
worry out Microsoft security flaws.
VERY VALID POINT
I would like to agree with
Search Engines WEB
porn is good
Good programs
I, on my computer, use a mix of AVG, Spybot, Adaware, and ClamWin Antivirus. Plus I have InJoy Firewall (http://www.fx.dk/firewall/). And this is all behind a router.
Good programs
I, on my computer, use a mix of AVG, Spybot, Adaware, and ClamWin Antivirus. Plus I have InJoy Firewall (http://www.fx.dk/firewall/). And this is all behind a router.
OS
What operating system were they using anyway? They mine as well TRY to convert to something a little (and by a little I mean a lot) more secure than Windows.
(sorry for the double post above – dunno how it happened)
Gov’t agencies need to step up their administration, a trojan that lived ona computer for 4 months is inexcusable. What happend to nightly virus/adware scans? I don’t think I have ever worked in a company that did not have that (no matter for small or big), what is so hard about setting up a network wide daily scan?
The other aspect is, why don’t they check where the data was being transmitted and try to contact local athorities (while it is a long shot, I suspect a lot of people using malware aren’t too bright, the authors were, the users are often script kiddies using their parents’ ISP).
Bottom line is that the network admin for that gov’t office is a bonehead.
Re: achacha's comment
They were scuppered by environmentalists who insisted that people power down their desktop computers at night rather than leave them on standby, thus assuring that the 2am scheduled virus scans never happened.
The Problem is Internet Explorer
How much you want to bet that this guy was using IE while surfing?
The problem is most corporate environments still have IE as the default browser, mainly because they can control it’s settings via a central server. Also, if they were to switch to Firefox users could still do damage due to the lack of a standard way to lock down the browser, such as IE’s Group Policy Settings.
Oh, and what sort of idiot browses porn in the government? Also, how did he not get caught for four months or more? Cubicles are a baaaad idea.
BMR777
this is like telling me the sky is in the directio
my mom has worked for the state government for a loong time. gaining access and eventually control of her terminal and those around her (for which all you need is a name and you’ve got driving records, tax records and criminal history, all kindsa stuff) wouldn’t be difficult, especially if you did it on a day when someone spilled something on their keyboard so they just think their computer’s doing shit all on its own because of that. the best part is, someone spills something on their keyboard, or in the back of their monitor, or on their tower…every day. you’ve got a whole bunch of people on one side of the security who don’t know anything about it, don’t know how it works or what any of it means. on the other side of the security are a whole lot of people just waiting for something like an orange julius down the vents in a monitor. it’d surely be nice if all sorts of our governments would spend money on computer training instead of, say, new desks for office managers, thousand dollar employee lunches, gifts from one employee to another…shit like that.
Cell phone
I bet he was using his cell phone while surfing porn, that’s why he did it so recklessly!
For one ANY govt employees should have to have to be assigned a security agreement when they get the job. Accessing the net while on a computer with sensitive information is dangerous enough from “Electronic Espionage Experts”, without having some idoit piss on national security because he cant wait til the hooker arrives. I was Army, i had security clearance and I was responsible for ANYTHING that I was privy to. Theres many people at fault but if the numbskull had been doing anything he wouldnt be getting fired for this wouldnt have occurred. Blame whoever you want, HE made a decision, HE broke security, and HE pushed the button.
Cell phone
I bet he was using his cell phone while surfing porn, that’s why he did it so recklessly!
My two cents:
Any office or business (government or otherwise) Should be keeping antivirus up to date. Having a Trojan, virus, or other malware is utterly unacceptable. It may be understandable to be vulnerable to attack for up to a week after a new threat is released. however ANY anti virus should be checking for updates at least once a week, and scans should be performed at least once a week.
So, given the worst case a computer would be vulnerable for less than 7 days (assuming updates are scheduled to be applied before scans are scheduled.)
I suspect the employee was fired not because that the virus was there, but because in most ANY place of employment viewing porn at work is agenst policy. Its a HUGE liability for a sexual harassment lawsuit. Its blatant miss use of company resources for both systems, time and bandwidth.
but getting to the point. Why was this in the news? why does it stir up such debate? because 1. Its a government agency, and we as a society expect our government officials to be doing “good” and someone has been caught doing something “bad”. 2. because it involved potential compromise of personal data and/or confidential information. 3. because (GASP!) it shows the fallibility of government network resources.
So begins the blame game. We feel something wrong has been done. An injustice committed. As such we demand the guilty be found and punished accordingly! But who do we blame? The misguided employee who thinks its ok to surf for porn at work and got a virus from the websites? The IT department for failing to follow good practices in maintaining anti virus definitions, updates and scans, or using web filtering? Or do we blame the author of the software? do w blame the person who placed the Trojan on the porn site? do we blame the porn site that had the Trojan on it? The possibilities are endless.
Personally I think that the employee deserved to be fired, surfing for porn on the job is just plain stupid. The IT department needs to be reprimanded for not providing for the security of the network in a timely manner, and changes in policy need to be implemented as well. Any and all traceable information needs to be given to the proper authorities to attempt to research the origin of the Trojan and the party receiving information thru it. And the web master for the porn site should be contacted to advise them of malware being spread via their services.
punish everyone
Hey how bout following the totally non laiden with subliminal imagery comercial for mac, you know the one with the old sickly fat dude representing the PC and the new healthy young trendy starshmucks drinking n00b that represents the macintosh. No one writes viruses for mac, right?.?.
Well, surfing porn whlie your on the clock suposedly earning a paycheck to do ANYTHING, wether you work for the govt. company xyz or even a grocery clerk, plain and simple dont abuse the system, and the rest of us wont kick your ass for messing it up for us that want to get some work done.
Americans love to blame everyone else, its not my fault, its because it wasnt locked out, thats why I was surfing porn. Its not cause your a sick f*** that nees to see your porn 24X7. I think if you cant go a few hours without seeing something nekid you have a serious mental issue that you should seek out immediate psycological assistance, go go do it NOW, you sick f***… I bet you could see someone do something wrong they will blame someone else, you go to them, they will in turn blame someone else yet, and so on, till it reaches all the way around the world a few thousand times.
Anyway, Ill admit I have surfed porn, never at work, I have been infected with trojans (ironic if you ask me, porn, trojan, condoms…) Anyway, GET BACK TO WORK YOU TAX HOARDING GOVERNMENT SLACKERS…….
One more thing before I go, turn off java scripting, turn off active X and put your browser on high security or just use some Mozilla or something without the access to them. You will see a dramatic reuction in invasion attempts. This will not stop an attack if you download and install a program that had the installer infected with a trojan or malware.
I only have one thing to say to those who take advantage of weaknesses and write viruses, trojans and data miners, go take a long walk off a short pier.
Well, as much fun as typing this was, my break is over and I have to go do that which puts food on my table and a roof over my head. later all.
this is sick
well i hope the IT dept will purchase the equip to block this kind of access. also i hope the dirve in question after the data is saved for evidence for any criminal trial which i doubt is wiped or replaced in many companies the IT dept is considered the 1st place to cut and the 1st place to complain…
Porn Surfing @ Work
I work for a state agency. Our IT section has WebSense installed. All of our internet traffic is routed through a server that gets regular updates. We can’t go anywhere that isn’t work related including sports sites, religious sites, adult sites, auction sites, IM, and a host of others.
Although many would find this annoying, I really believe that it is a good use of taxpayer money.
India Outlaws Children's Songs
Americans are fond of saying that India has a great education system which produces so many engineers. However, in the state of Andra Pradesh, the singing of “Baa Baa Black Sheep” and “Twinkle Twinkle Little Star” has been outlawed, for fear that children will become too Westernized. The state legislature, controlled by the fundamentalist Bharatiya Janata Party (BJP), decreed that children should receive more education in Hindu values.
http://www.excite.co.jp/News/odd/00081150350974.html
Hey, what can we say?
Us Oregonians love our porn!
Pr0n ftw
OK, there are a few things wrong here:
A. Nobody should be stupid enough to be surfing porn at work.
B. The IT dept should be smart enough to have updated antio-malware pushed to all the workstations
C. There should have been anti-pr0n filters on the network.
D. The only good trojans are purchased at the pharmacy
E. Online pr0n isn’t worth surfing
Re:India Outlaws Children's Songs
Hey get your facts right instead of spreading misinformation…the legislature in Andhra Pradesh is NOT controlled by BJP…don’t try to put blame on so called ‘fundamentalists’ ….
And engineering is in any way related to black sheep???and whats the relevance of posting here???
porn
PORN IS AWSOME
4 months? come on….
they used use macs next time lol
dude… government workers are not the best. bunch of idiots… trust me… they’re probably surfing porn too.
Idiot
That guy deserves to get fired. The fact that you’re on a state regulated computer should make you paranoid enough to not do anything stupid. And who has time to jerk it at work anyway? As for them not recognizing the software, that’s their fault. The gov is supposed to be on top of that stuff… Where’s Chloe O’Brien when you need her?
m1crosoft is to blame. as usual.
porn in the ass...ets
State government is redundant. Why does Oregon state government exist? How does their government differ from the other 49 state governments? And city government? Ever sit in on a city council meeting? The ayes have it. We are morons for allowing the huge watse of money on thousands of city housing agencies in many many cities. Don’t fire the employee. What did he do? What do any of these people do? Who needs them? Let’s outsource it to highest bidder when we do find a need. And let us continue to consume.
No thats not why
It wasn’t him looking at porn it was THEM using windows.
Government using Windows.. no wonder our government is so messed up!
~blitze
Avast
I used to use avast nd noticed it doesn’t work well on multi-language programs sand uses too much CPU speed. I now prefer Kaspersky
Kaspersky is much better software
Kaspersky includes a pop-upblocker, firewall, automatic updates, automatic scans(several), Web Mail scanning, Anti spy and hacker, and a system that finds malware that is not in teh database(aka brand spankin new virus)
Around here there's certainly reprecussions...
Around here, TPTB prosecutes civil servants fired for surfing porn on work computers or improper email for misuse of gov’t property.
Government employee surfing porn
The repercussions are that the person was fired (and rightly so). What else could be done?
Porn Surfer
By the way, our Firm monitors the use of the internet. They block webmail, porn and other inappropriate websites. The government can’t do that? Are they too busy spending our money on vacations?
Why You Don't Surf For Porn If You Work For The Go
While I haven’t waded through all of these comments (just the first dozen or so), one thing that I think helps contribute to these types of problems is the “one-size-fits-all” software rollout that most IT departments employ. While I realize that tons of time is spent supporting end users and their systems and that a good disk image or installer script makes the load lighter, I’ve often marvelled at how many employees have access to applications they just don’t need.
It seems commonplace to just load up MS Office Professional and several other apps and call it a day. No one questions whether certain positions need Outlook, Access, or IE, it just gets handed to them like name badges on their first day. Often, there is no training to go with these new applications and thus the nightmare begins. People who may never have owned or used a computer before in their lives now have the latest and greatest system at their finger tips.
I’ve seen shop floor assembly workers with full blown systems that have Office w/Outlook and full web access. The reality is that they may get two emails a month and only use Office to open Word formated procedures. All they really need is Word or PDF reader software so they can view those procedures and someone to hand them the couple of memos which come from HR or whatnot throughout the month. But the get the whole shebang and then surf the web or play Solitare or Hearts on their breaks and at lunchtime. If they didn’t have access to as many apps/services, they couldn’t cause as many problems.
I realize that this would take some extra work and that it would affect Enteprise Licensing budgets and a variety of other like issues, but considering the cost of cleaning up some of these messes, would those costs be justified in the long run.
Sorry
Sorry guys, but I hear a bunch of comments here that talk about how stupid people are for not locking down machines, having content filters, firewalls, anti-virus, or anti-spyware software, etc….
The reality is that locking down a machine is not a fix. Sure it will prevent most software from being installed (that require administrative priviledges), but most spyware/virii do not need administrative priviledges to install itself. These spyware/virii developers are much more crafty than their corporate counterparts such as Symantec/Microsfot, etc… These companies mostly have software that depend on signature based definitions that look for behavior patterns of an already identifed spyware/virus program. This is reactive, not proactive, which means that all the new viruses/trojans/spyware can be installed on all of our machines without us knowing until these companies find out about it and provide an updated definition or security vulnerability fix to patch it. So this problem can happen to every single one of you, and none of you can completely eliminate the risk of getting these virii/trojans on your network, but at most minimize the risk by installing the most up to date software techniques to catch the already identified virus/spyware.
There are some software programs on the market now that are behavior based versus signature based such as Cisco’s CSA, or some more intelligent in-line Intrusion Prevention Systems, but for the most part, they are not as far along as the virus/spyware developers are. Most content filters are close to worthless because the porn/spyware companies are poping up new domains everyday and the blacklist or content blocking heuristics will never be completely up to date.
So quit calling everyone stupid, because your network is catching all the same crap as everyone else, unless you have a network of one or two PC’s and have just gotten lucky………
Love,
Pablo Escobar
What is the internet for?
http://video.google.com/videoplay?docid=5430343841227974645
HELP! I'm looking @ p*rn on company pc!
Ok, I admit it, as much as I try, I get bored…I’m a work-a-holic, I’m here 1st & leave last,I get twice as much work done as everyone else, but I’m erratic.
I may work like crazy & get lots done in 3 hours, then I want to kick back & just “surf”, to say that I dont sometime surf over to a little bit of xxx action would be a lie.
This is a great job & I dont want to get fired.
I’ve downloaded disk cleaning & internet privacy software that seems really good, I’m fairly certain my computer is clean. But I’m ignorant as to what exactly anyone looking could find if they searched the server.
Is it tags?
Is it address’, what?
Our office has 7 computers, networked and going through a server which “backs up” every day after we close. We dont have an IT department or anything like that. So if I look at some questionable sites & immediately after I finish & I run the “cleaner”, am I still at risk of someone seeing what I looked at?
I guess what Im asking is how does it all work?
Is there a work around? Is there software out there that I could install that would prevent any of what I do from going to the server?
What exactly can be retreieved from the server?
is it just website addresses they see?
What if I go to sites that don’t have anything “descriptive” in the address, such as “www.flurl.com”, where there are a lot of great vids, but in the address bar there’s nothing but a bunch of non descript code…?
Re: HELP! I'm looking @ p*rn on company pc!
Dude. I’m hoping you get caught.
In order to access the internet, your connection goes THROUGH the company server. You don’t have the admin rights to bypass the server so that you can continue to look at porn on the clock. You want to do it at home? that is your choice as long as it is not kiddie porn. You don’t have permission to “clean” your access from the server. If your conscience is bothering you, have you considered just not surfing to the questionable sites? Your days are numbered…