Don't Forget Your Employer Might Be Looking At Your IMs, Too
from the big-brother dept
It’s pretty common workplace knowledge that many companies keep tabs on employees’ email and web-surfing habits, whether they’re actively policing them, or just saving information for possible future use. While common sense would dictate that a company could track nearly anything that goes across its network or happens on one of its machines, some people don’t use the same discretion in using instant-messaging programs at work as they do when they’re using a work email account. But two recent scandals highlight that IM isn’t as private as many people might perceive it to be, as chat transcripts have played a significant role in both the HP spying fiasco and the controversy surrounding former Congressman Mark Foley, who sent sexually explicit IMs to underage boys. In the HP case, the company’s investigators monitored chats between an employee and a reporter; Foley was exposed after other Congressional pages gave saved chat transcripts to the media. While the methods used differ, they both illustrate that IMs may not disappear into a black hole once a chat session is closed. Of course, that’s not really news, but it might be worth reinforcing to some people — like the Yahoo employees that discussed their plans to jump ship to another company over Yahoo Messenger.
Comments on “Don't Forget Your Employer Might Be Looking At Your IMs, Too”
Uhmmm... duh...
…many companies do this secretly and many have an open policy about it. No surprise…. you should consider anything you type on a company network email, IM or web to be a postcard that anyone could potentially see.
I don’t always agree with it, but, it is THERE equipment and if you do (or send) something inappropriate, well, you probably should’a been doing your job.
Re: Uhmmm... duh...
Yes, of course the equipment is THERE, but more importantly, it’s THEIR’S.
Re: Re: Uhmmm... duh...
Damn… no apostrophe, now I just look like an ass 🙁
Re: Re: Re: Uhmmm... duh...
LOL thanx for the correct……dammit!
Re: Re: Uhmmm... duh...
Absolutely. People always use terms like “my” desk, my cubicle, my pc and they bring 1001 items from home to decortate their area, but the fact is it’s company property, company network, and the company can do with it whatever they please. Your workplace, in the most strict sense, is not a democracy where you can do whatever you want.
If you’re technically inclined and know what you’re doing, IT may not particularly care what you do, unless IT gets an order from on high to target you. I’ve seen it happen. Those guys are generally very busy with all kinds of different things and they don’t like bothering with crap like this unless they have to. Of course, some of the things they troubleshoot send to discovering things like we’re dicussing now.
In my dept., we all have administrator privledges, but we don’t abuse them either. But they trust us mainly not to ass something up.
There are ways around this, but it’s a throw of the dice and the more you do it the more your chances increase of getting caught because you’re on somebody else’s network and you don’t know what’s going on behind the network. The quick answers are, you’re supposed to be working at work and violating a company policy that could possibly get you disciplined or terminated isn’t worth it.
Re: Re: Uhmmm... duh...
Thank you, I hate when people mispell/ misuse that word!
More private chatting at work
If you want to chat at work you can protect yourself from network spying by using a secure connection to your home PC. I do this using PuTTY on my work computer to SSH to my linux machine at home where I run irssi (a command line IRC client). There are command line clients for almost every IM program out there, a linux box isn’t hard to set up now and many people have always on internet connections, this could easily be an option for anyone not daunted by white text on black backgrounds.
Threat Model
If your threat model is to avoid your employer recording chats, use Tor (http://tor.eff.org) to tunnel traffic through the firewall. Sure, the other end can still log the conversation. If you trust the other end, the company will be none the wiser.
WorkIsNotSafe
Tor, or whatever, will not let you keep your job. Most companies that restrict messaging and other forms of computer use also tend to restrict what you can openly install on thier machines. If they so much as find out that you’re using Tor to bypass thier security messures, you can kiss your job goodbye without a warning.
You’re only so smart until you’re caught with your pants around your ankles. If you are that much of an IM addict and can’t wait to talk to your underage friends until you get home, maybe it’s time to invest in an IM phone and not worry at all about your boss. Until then, I have no pitty for any retard that gets fired for missuing company hardware. In fact, I find it amusing.
Re: WorkIsNotSafe
tor can be sued without any ‘installation’ you can run it off a memory stick. this is what i have been doing for years. tor, firefox, putty, gaim. on school [read:not business, but education] computers, i openly run these apps. normally, while talking to the IT staff.
IM scanning and avoidance
postini provide IM scanning and logging tools, so every corporate Big Brother can buy an off the shelf solution
to guard against it, use an IM client which encrypts… however, that means you have to trust the IM server as it decrypts/re-encrypts the message as it passes through
if you don’t trust even the IM server, use an Off The Record plugin such as that for Gaim.
Self-protections
My company encourages use of MSN Messenger for easy office communications, and I imagine those are at least monitored, and I know they’re logged because I log all of my IM conversations.
But, when communicating outside of work, thankfully many of my friends are on GTalk, and I use the in-gmail chat under a secure session to talk to them, so it’s not likely, unless using key loggers (which would be a STUPIDLY HUGE security risk) that those private IMs are being monitored.
Just tell them straight up...
don’t bother trying to be clever or sneaky about monitoring policies. Just say, “We monitor what you do on your work stations.” and a lot of people would think twice before trying to use restricted programs. And for the ones that think they can surpass the monitoring, those are the ones you make an example out of…
I've Personally Fired You
So far I’ve personally been responsible for 6 people losing thier jobs for just the same thing. 2 of those people were actually using Tor and thought they could get away with thier activities. If you know what you’re doing as an admin, you can catch anyone. It’s that simple. And yes, it’s our job to HUNT YOU, not passively monitor what you’re doing with our machines.
Unfortunately for most companies, they have completely useless admins fresh from highschool. I guess you get what you pay for huh?
Re: I've Personally Fired You
i bet you loved getting them fired too…like i know any networkadmins who are completely sinless when it comes to their corporate networks…you people are just the Foleys of the company
on computer keyloggers ruin that for you…does you no good to incript the message if every keystroke you make is recorded and searched.
Yup...
Yup…Give me a secure IM platform and I’ll tell you who said what, when.
It’s that simple. For all the geniuses telling these people how to subvert corporate security efforts, good luck.
People, I personally believe that people telling you how to avoid detection, really don’t know what they are doing.
For every example above, I have a very simple method to discover their secrets. So what I’m saying, in short:
There are no secrets from knowledgable Network Admins…GUARANTEED.
Aren’t the Yahoo IM text streams enchrypted between the two users?
I have tried to look at the logs on the disk and you can’t read then unless you log in as the user
Re: #15
Yeah but not technically speaking, if you have a safe location and you aren’t at that location, you are not secure until you get inside that location.
What am I saying? No matter how safe your safhaven is, it is not safe until you are inside and close the door behind you. All the while, especially as you are entering your safehaven, you are THE MOST VULNERABLE.
The very act of getting to your secure location exposes you the most, thus rendering any and all security as unsafe.
You Bet
I even said it’s our job. Yes, I enjoy my job. If you break the rules, be prepared to pay. That simple. Why shouldn’t I enjoy busting morons that want to take thier personal activities to work? They’re obviously useless employees and this is just one exscuse to can them before they do something else to waste the companie’s time.
I will also continue to enjoy doing my job. No loss of sleep here. Don’t do the crime unless…. eh, just do the crime so I can have another fun day at work 🙂
Re: You Bet
see what i mean? youre probably at work right now writing this crap, personal crap might i add…nazi
Re: You Bet
wow.. First off you sound like an 18yr old power hungry punk..!
But, yes, you are correct, any good admin will be able to monitor and log all transactions that happen on your network. We do the same, and we also ensure that people know this. Everyone is required to sign a disclosure agreement that warns them that we monitor and log everything they do. Now the difference is, that we do not actively sit in front of our screen “looking” for people to break the rules to get them fired. Many people do occasionally surf the net or chat on IM for both personal and business related things, but in my eyes, if the person is getting their work done and not sitting on ebay all day, then leave them alone and let them go on with life. Just my 2 cents
Thanks!
Thank you Captain Obvious.
While we’re at it: don’t visit porn sites or play WoW.
Day Off lol
It’s my day-off you tool. Stop trying to justify your actions by passiing blame to someone else. I guess you can’t say much though, snice you obviously don’t understand the concept of RULES.
So, go please get drunk, take a drive and pick up some children from a school. Only because people tell you it’s wrong doesn’t make it so in your head, apparently. I love your types, you only complain once you’re busted. Go smoke another joint you hippy sack of crap.
Re: Day Off lol
Getting a little ticked off I see? Your job must not be as fun as you brag or maybe the enjoyable life of a geeky network admin isn’t winning the social crowd over your way? I thought network admins are suppose to secure the network of outside intruders and not spy on workers all day? You just don’t seem like a great network admin to me.
Re: Day Off lol
Are you sure those guys you sacked were hippies. Foley is a Republican
Re: Re: Day Off lol
You know, to have a position as an anti-gay party there sure are a lot of gay republicans.
I am
Yes, i am a network Nazi. My only goal in life is to ruin others. I couldn’t get into a real college, and get a real degree. So now i just sit on my ass and bust people for sending one non work email a day
I Agree Here
This is pretty logical reasoning here. Employers know thier employees are simple folk. They also know that Americans can’t stop talking, gossiping and rumoring through the day, and will try anything to keep thier habbit. Hence the workplace IMs and Email.
I have friends that have been fired from work (they assumed they couldn’t be caught as well) for sending only a couple of IMs. I can’t say I feel sorry for them, because they knew it was wrong, just like every employee that gets busted now days. They knew it was wrong when doing it, but they did it anyway. They MADE THE CHOICE to risk thier job over a simple IM or Email. Sounds to me like they knew what they were doing and deserve anything that follows.
If you don’t understand why they deserve it, you have your head in the sand.
Give me my IMs damnit...
You people are all lame. busting poople for Ims at work? GET A LIFE ASSHOLES!
I only say this because I want to continue to pick up small children using my work’s network. I feel safer doing this at work because it’s not my computer. I will also defend every stupid thing I do, because it’s my right to do it!
I only work at TacoBell though, so I guess I don’t understand anything you people are saying. I get paid minimum wage, I weigh 375lbs and I live with my parents. I have a sad outlook on life and I tend to spend my time-off playing online mmorpgs, because it’s easier to make digital friends than real onces. I only have one testicle and can’t find my penis without my dad’s help.
I’m a sad, sad person, but I will still piss on your rules if you give me the chance. It’s all I have in life! muwahahahahahaha
This is great reading
This is awesome seeing all of you cry babies sitting there pretending like you have some right at work besides… uhm… WORKING.
No wonder illegal immigrants are taking your jobs. You American workers are freaking hilarious!
I'm not crying
I’m not crying. If a business feels like they need to fire me. Let it begin. My skills qualify me for other jobs in my area. I forgot to put something on my last post. This network admin guy reminds me of the geek of How High. The independent Hall Monitor that gave those guys tickets? Seriously, sitting around monitoring someone’s actions all day sounds like a totally different job than network admin. Are you sure you aren’t just doing bitch-work for the boss?
Stupid Americans doing stupid stuff at work? NEVER!
Jesus, do you see now why us other countries make fun of you? Do you people not realize how sad you look, trying to defend your right to abuse your work’s network?
I hope your entire economy tanks, I hope you all lose your jobs and I hope your families starve. I love watching stupid Americans lose at ‘The American Dream’ for the sole reason of not following the guidelines. You people fail in the most spectacular ways!
Re: Re:
That’s not a particuarly bright thing to wish for. Americans spend a lot of money. It’s a consumer economy. So, because Americans buy so much stuff, including imports, that spending actually supports, other economies. If America tanks, it’ll probably take a lot of other countries’ economies with it.
Nothing particuarly wrong with that. Americans as a whole just need to learn to save more.
Re: Re: Re:
To the idiot who keeps posting about americans this and that, ……get a fk’n clue and stay on topic unless you know what the hell you are talking about.
Just because you probably live in some repressive s***hole, and are unhappy, perhaps you should learn to mind your own business 😀
Cheers…
Re: #30
Yeah, what we need is you to discover our flaws for us that way we know what needs fixing. We fixed Afghanistan and currently we’re working on Iraq.
So many broken people…so little time.
Which one are you from? I’ll get my screwdriver…
Wow, thanks for the encouragement
I love seeing people from other countries bashing America out of jealousy. Thanks for wishing death on my family and friends. You seem like a really great guy. I bet your myspace account is booming.
It's simple
It’s simple really. No need to get the undies twisted up.
Thedr are good employees and there are bad employees.
Good employees do their Inet garbage during lunch, breaks, etc…Bad employees, well they’re just that, they do their Inet junk at any, and all times of the day. It takes only one bad employee to ruin it for the rest of the employeesbecause even as an admin I have to apply rules evenly. Yes my endusers are grouped into bad and good. Really, my Active Directory literally has two groups: Good and Bad. Bad, is restricted from IM (and other filters), only avilable for half hour lunch time. The Good group has more priveledge. I allow Bads to become Goods after about a year of punishment.
Sadist? No
Nazi? No
What then? My company sets these poilicies based on a thourough assessment and understanding of the problem.
Do you have a day off today too?
Do all network admins have a day off today?
Re: Do you have a day off today too?
To #35
Nope…just doing lunch:)
Actually..
What i ment to say was sadist? YES!!! nazi? YES!!!!
Admin's Job
As a Network Admin I can tell you two very Important things that it seems a lot of people here just don’t seem to understand.
A Network Admin doesn’t have the power to fire anyone…. only bring the atention of someone who can to someone’s missdeeds and yes they are missdeeds. The company that owns the network and pays your paycheck has every right to say you are not allowed to do this, this and this on company time. It not only costs them what they are paying you while you goof off but bandwith isn’t free either.
Second is that you don’t seem to understand what our job is all about. It’s about keeping the network secure and running smooth. The number one risk to any network is the end user and not some hacker trying to crack in. Yes we do need to secure and guard against that but it’s a fact that the bigest danger to a network is from the people in the network.
Oh and by the way i don’t need to sit at a screen all day to catch people doing things they shouldn’t…. just take a half hour a day and check the log’s. Quite easy and a part of every Network Admin’s day.
here’s a question. what’s the difference between checking stock quotes or personal email on a computer, and taking that extra 5 minutes in the shitter to read the paper/blackberry?
remember the old “water cooler” stereotype? hang out at the coffee table or whatever and bs for 5 minutes every 90 minutes or so? or what about the people who stay late? only get “paid” for 8 hours, but may stay 10…
and i think dilbert said it best
On Telecommuting:
“Am i required to work a full 8 hours? or Is it ok to put in just the 2 hours of real work i do at the office?” ~Dilbert (Scott Adams)
I'm so glad I work for a decent company
I’m in the IT department of a middle size business (some 500 poeple), and I thank God I’m not required to monitor what people do on the net. In fact, we’ve been told not to waste our time monitoring too closely. I keep track of network traffic, and we do stop web-radio, etc, that eats bandwidth, but couldn’t care less about people’s emails or chats.
Of course this is a “as long as the job gets done on time, and it doesn’t cause problems, I don’t really care what else you’re doing or how you’re doing it” sort of company. I really feel for those who have to work for other types.
Just my thoughts…
Re: I'm so glad I work for a decent company
#43…
It depends what type of business your company does. Some businesses, especially those involved with government contracts, may bill according to hours. If auditors walk through and see people clowning on the Inet, this could cause all work (and pay) to stop.
So rules and regulations do vary for some institutions.
power hungry admind
I’ve been in the field for over twenty years now. I use IM clients on a regular basis. Why because I like to keep in touch with my family and tech friends. There is nothing more satisfying than being able to confer with your buddy the perl monkey and ask him for a reference on a particular problem. I find that yes, I could google the issue and take a few hours or I can ask him and get a line of code in a matter of moments, and he will ask of me the same. For the admins that say they are looking for my type of tech — I say why don’t you work on your sloppy networks fix your security holes .Yes most of them are sloppy and the reason for the no IM policy in most places. You would rather just block something you don’t know how to protect rather than get down and do some real work. Remember with out those “Customers” you are trying to get fired –(personally know of one company that cant get any new tech to work for them do just this type of hard handed admin position. they are reviewing the policies but they fear the damage is done) who’s network you are protecting a you would not have your current job or do you think we should just hand them stone tablets. Most people will, when not able to message just pick up the phone and call I think this is more distraction than a few lines .
Teknosapien,
Network Monitoring Systems Engineer
Re: power hungry admind
#43…
Look, I’m already on your network:)
Could you please elaborate on your tireless genius for the rest of us lazy admins?
I don’t care whether it’s a secure or an unsecure session, it can be breached. IM clients are notoriously poorly written and are even less secure. In fact one known breach is to simply have a session of IM open followed by a simple buffer overrun. This allowed just enough of an opportunity to install a ~200k keylogger with IRC capabilities through a browser.
Day Off lol
You are exactly the type of admin whose network I’d like to have fun with. I can tell by your arrogant, self-centered attitude that you think you know it all. Oh, the hypothetical joy i’d have if i could get a picture of the look on your face when your boss questions you because I found an exploit in your setup and let your him know how much of an incompetent twit you really are.
People from the generation before that internet th
As some of the last few posts have pointed out, what is the difference between 5 quick lines on IM to your wife about groceries/dinner tonite and using 10 minutes on the toilet sms’ing the same thing forth and back or even reading the newspaper? I look forward to the day when those old school fellas are long gone, and everybody knows that internet is a good thing, not a bad thing. Guns don’t kill people, people do; Internet doesn’t steal a workers time, the workers own laziness do.
When reading all you network admins’ posts, I wonder if any of you ever read and understand many of the topics here on techdirt?
I see a parallel to kids internet usage at home: parents shouldn’t block and constantly monitor their kids internet usage, they should rather teach their children what dangers are out there, and how they can avoid them. (http://techdirt.com/articles/20060929/154029.shtml )
Likewise, my boss should not monitor what pages i surf and what IMs i write, he should look at what i produce for him.
re :power hungry admin
I never stated that the session was either encrypted or not.What I did say is that your networks are sloppy if your allowing malicious traffic on to them and dont know how to sniff packets and content then you need to go back to school or RTFM . and yes my network is very secure – -security through obscurity, all traffic that passes through my network is passed through a FreeBSD firewall logged sniffed and if necessary stored/blocked . The main point is that you have to give up the notion that everything is evil. if the person using the client is evil then his intent will be evil and you blocking the use of certain software will not stop him from hacking your network. all in all most of the things that have been developed were done so for a perfectly valid reason and can be used as tools. Why dont you try and educate your users. I ‘ll bet if you do a you’ll get a very positive response. personally I dont care if they look at what I’m saying.
one more thought why do I do the network monitoring like I do. simple I have a 14 year old daughter and I wanna see who’s knocking on her door
Teknosapien
NMS Engineer
Re: re :power hungry admin
#49…
You can sniff all you want…it smells no different than a freshly baked muffin…
...
To the person trolling Americans, I do “stupid” things at work sometimes and I’m British.
To the other people complaining about my previous post, actually the company where I work doesn’t have a computer usage policy, so I imagine they can’t fire me for running a program that they know I am running (PuTTY, not Tor).
As for people saying that you’re not protected from keyloggers, correct, chances are a company won’t use keyloggers on all their machines though. You might notice I never claimed it protected you from that.
As for concerns that a so-called “network-nazi” could get you fired for using putty or tor, you could always use a web front-end on a webserver with HTTPS, then it would be difficult to differentiate it from many other websites.
If you’re good at your job I can’t imagine most companies would mind the use IM.
GPRS/EDGE, ETC and a LAPTOP
All you need these days is a cellphone, a laptop and that’s it.
Your company can not see one THING!
Well…. as long as they can’t see over your shoulder 😉
monitoring or peeping toms?
I cant beleive some of the ideas and comments here! lol Whoever requested the death by starving for children need not only an attitude adjustment, but a new heart..possibly inserted rectally.
New Mexico is one of the few states that still allows cameras in public bathrooms. Big brother still lives. I am wondering what these “admin. people are hoping to find when they view these tapes? Perhaps they should have cameras watching them…watching other people use bathroom facillities. Think these peeping admin. guys come to work with a tub of crisco and breakaway speedos?