Re: [keylogging at the office] le'sigh

There is no expectation of privacy in a work environment.

Re: [keylogging at the office] le'sigh

Time to find a new employer.

Re: [keylogging at the office] le'sigh

I still say its dumb and shouldn't be done

Re: [keylogging at the office] le'sigh

I really hate to sound callous on this because I understand your frustration, but from their viewpoint, none of that information should be on the network.

At this point, unless you have another job that you're ready to jump into and you're guaranteed to get it 110%, then you should probably just keep your head down and not make any waves. The current job market doesn't look too good to be suddenly out of work.

Re: [keylogging at the office] le'sigh

At one of my jobs I had to implement a monitoring system on all the terminals throughout the company. There was a pretty loud uproar about it, with everyone complaining that the company would have access to a lot of employees personal information.

The response from the company was that while at work, employees shouldn't be checking personal email, social networks, bank accounts, etc.

It's a difficult subject, and I can understand both sides of it. The company has a right to do this, and use it as a way to prohibit employees from wasting time on personal tasks while at work.

Re: [keylogging at the office] le'sigh

Personally, I'm surprised sys admins weren't involved in the process because most Antivirus programs will detect keyloggers as a threat (unless they're hardware based) and quarantine/delete them unless you make an exclusion. If they did go to them to make the exclusion, a simple slaving of the drive and running a scan against it would change the path (depending on if variables were used) causing it to be removed from the system. Granted, that's not the best way to stay in your psycho managements good graces.

Note to self: In case of keyloggers, remember Spider Solitaire doesn't require keystrokes and can be launched from FOB.

Re: [keylogging at the office] le'sigh

It's not only logging keystrokes it's taking screen shots and has many other logging features. Fortunately for you it's a huge resource hog and in the end will hurt the productivity they are trying to enhance.

That said, it's their network and they are allowed to do whatever they want with it. Look at it from their perspective. They are paying people to do work, not surf pr0n and update their myspace page.

You shouldn't even be snooping around trying to find out what software they are using as this could be misinterpreted. If some one doesn't want me on their network, I don't want to be on their network. If I'm on their network and some thing happens whether it's my fault or not, guess who gets blamed. People need to be adult about it and respect their employers wishes. Especially if you aren't the popular type.


xor

Re: [keylogging at the office] le'sigh

for the cases i know courts have sided on the employers side, unless you can get your keyboard in a different state to the cpu ;)

Re: [keylogging at the office] le'sigh

I use Kaspersky Internet Suite on my Vista systems which has a built in virtual keyboard to get around keystroke loggers. But that still doesn't stop screen shots or active remote viewing.

xor

Re: [keylogging at the office] le'sigh

You really don't have to do keyloggers to get this information. Most of it can be obtained using the network. A key differentiator which lead to our selection of BlueCoat was the fact that it can function as an SSL proxy. We proxy all Internet traffic, http and https, and have the ability to look at any/all of that traffic should the need arise.

Our "Acceptable Use" policy clearly states that employee's should have not expectation to privacy. We do not advertise when and what we are managing.

One thing I would like to be clear on is that in my opinion, and that of many of my peers, what an employee does on the network is a management issue and not an IT or IT Security issue. It's not our role to police employee and how they spend their time. That is a responsiblity of the employee's manager.

Re: [keylogging at the office] le'sigh


I'm not the popular type and it got me fired

I discovered the service running on a non-production server. I started looking into what it was and why it was there thinking that maybe this company had been hacked. Once I saw email being generated to a couple of internal employees I went and looked at their mail boxes to try and figure out what it was doing. The key logger caught my opening the mail box, management freaked out and I was fired. So protip, keep your head down and dont make waves or you'll be fired (like streaker99 said)

nothing I can do about it now, except work on my tan for defcon.

live and learn right?

ps-anyone hiring?

Re: [keylogging at the office] le'sigh

I'm commenting on this for the sake of others who will read this, down the road. I'm not trying to pick on bjaming; on the other hand, perhaps he'll take what I'm saying to heart.

It had nothing to do with popularity. It had to do with insubordination, and with a serious lack of caution. Postings *here* are public, and archived in all sorts of places. Google caches them right away. I would bet that they (your former employers) know your alias here (or at least they should).

You read other people's email with no business reason to do so. Unless you were expected to operate as a cowboy (and I bet you were not), you should have immediately reported this service running on a non-production server, and asked for a team member to assist you in the investigation. Right then, someone would have stepped up and told you to never mind, and that would have ended it.

One lesson learned here is not just to keep your head down, but to consider that you are an *EMPLOYEE* and that other people, at the end of the day, make the decisions. Another lesson is that you should not, *EVER*, discuss your professional life in such a way that it will later come back to haunt you. To point you to one of your original statements:

That statement makes my stomach hurt.

There's plenty you can do. Right out of the gate, you should be examining what you did, and trying to understand my point of view (and Streaker99's and Dakahuna's). You need to consider what you say in public, and how it will be seen today, tomorrow, and five years from now. If it's at all possible, get in touch with your former employer, tell them you realize how stupid you were. Do NOT offer any excuses about how you thought they were being hacked; it won't fly. Ask if you can be allowed to resign instead.

Work on your resume. When you get to defcon, find other things to talk about than this. It can only hurt you.

Glad I'm retired. I just don't have the stomach for firing people any more.

Re: [keylogging at the office] le'sigh

Oh well. You asked for advice, people gave it, and you chose not to follow it.

I was going to say earlier that chances are, they implemented such a policy and they already had their targets in mind, but they needed to do it company wide so as to appear to be fair.

If you have a firearm, I suggest you put it away for a while, I hate to hear you shot yourself in the foot, again.

Re: [keylogging at the office] le'sigh

to clarify, the results of this encounter have nothing to do with anything that has been posted on this or any other site.

in addition, I don't think you're attacking me, and I'm not too concerned about the outcome of this event. I was not a happy person at this place. I'm not trying to excuse my activity on their network, nor am I trying to lay blame at their feet.

I think it has less to do with "insubordination" than it has to do with other issues related to personality conflicts.


it's just given me an opportunity to work on my tan :)

edit-streaker I'll buy you a beer at defcon this year check your pm's