Sunday, June 22, 2008

A rambling, but interesting article. Lots of points to argue!

http://www.tribunetimes.com/apps/pbcs.dll/article?AID=/20080621/NEWS01/806210327/1144/TRIBUNETIMES

Workers should expect little computer privacy, experts say

Published: Saturday, June 21, 2008 - 12:53 pm Updated: Saturday, June 21, 2008 - 1:01 pm

By Ron Barnett and Ben Szobody STAFF WRITERS rbarnett@greenvillenews.com

Greenville County employees have "no expectation of privacy" on county computers and may be monitored if there's reason to suspect misuse, [e.g the employee looks happy? Bob] a policy that underscores what many employees ignore but may now be thinking: The boss is watching.

Hanging in the air since court documents revealed allegations that county Councilman Tony Trout used spyware on the county administrator's computer is what experts say is employers' free rein over the computers they provide for employees, meaning workers have no privacy rights on those machines.

What sets the Trout case apart is a legal distinction between individual council members, who County Attorney Mark Tollison said don't have any employer rights, and the council as a whole, which hires and fires the county administrator.

Trout, who has refused to comment to The Greenville News, has told WYFF TV that he accessed County Administrator Joe Kernell's computer, and that it was legal because Kernell is his employee.

No charges have been filed.

The council has countered Trout's argument before, voting 9-0 last year to reinforce state law with a county policy that sent a "clear signal" to county employees that they can refuse to respond to "coercion or force" from individual council members. It also prohibited council members from "interfering and intruding" on county operations.

Tollison points to a state Supreme Court ruling issued this month that said, in part, that an individual Anderson County Council member had no right to independently review county documents protected by attorney-client privilege, but that only the council as a whole could do so.

A 1978 state Attorney General's opinion says state law allows a council as a whole to conduct investigations but not individual council members.

Employers face no such restrictions.

"Unfortunately, there's almost no limit on what employers can do," said Lewis Maltby, president of the National Workrights Institute in Princeton, N.J. "The only reason there's a legal issue here is because it's not clear that the council member was the employer."

Monitoring by private companies can range from the suspicion of illegal activity triggering an investigation, to the spying of a firm intent on discovering if, for example, employees are using e-mail to hunt for another job, said Phil Yanov, executive director of the Greenville-Spartanburg-Anderson Technology Council.

The only restriction an employer has in monitoring employees' use of company equipment is they can't eavesdrop on personal conversations, Maltby said. [Of course they can... Bob]

Employers also would be crossing the line to intentionally read an employee's personal e-mail, he said.

"Your boss shouldn't deliberately look at your e-mail messages, arrange them by who they went to, and then deliberately look at all the ones you sent to your husband," he said. "It's legal. But there's no legitimate business reason to deliberately go out of your way to read someone's personal e-mail that they sent during their lunch break."

"We think the line should be drawn not on where the computer is located but by the nature of the message."



Interesting but anecdotal story of the perils of web 2.0. Might be a good presentation topic for the White Hat club.

http://www.technewsworld.com/rsstory/63469.html?welcome=1214136291

Getting Found Out, Web 2.0 Style

By Sarah Lacy Business Week Online 06/22/08 4:00 AM PT

Web 2.0 technologies and trends are threatening the tiny, white lies woven so tightly into our social fabric, writes Sarah Lacey. Want to call in sick to work after a night of partying? Better hope nobody posted a photo of that night on Facebook or Twittered about it.


Related If you really really want to spy on someone.... (Free trial available)

http://www.pcpandora.com/

PC Pandora

PC Pandora will monitor computer activity and allow you full access to key logging, instant message chats, password retrieval for myspace and other sites.

[From the website:

Monitors And Records All Emails, All Instant Message/Chats, Records All Key Strokes,

All Web Sites Visited, Monitor And Capture Every Program Run On Your PC


Related Technology that absolutely protects your privacy (except when it does not) Beware of “privacy protection” technology that is controlled by the company that is invading your privacy in the first place.

http://www.technovelgy.com/ct/Science-Fiction-News.asp?NewsNum=1704

Let's Hear It For The Vague Blur!

Widespread video surveillance has been a great boon - well, to someone, since studies in Great Britain show that there is virtually no significant reduction in crime in heavily surveilled neighborhoods.

The real problem is finding people (enough of them!) and paying them to watch all these cameras to search for wrong-doing.

The video-analysis company 3VR has built up a database of every last license plate, vehicle and face that is encountered by video cameras in its network and sounds the alarm if it sees a suspect anywhere.

As it turns out, there seem to be people who don't like being constantly photographed [Imagine that! Bob] every minute of their lives, and 3VR's engineers have come up with an interesting gimmick to help maintain the privacy of people who are being constantly photographed without their knowledge or consent.

This system uses the same algorithms that pick out faces and license plates; it then blurs the faces and vehicles that are not in their database of suspicious persons.

Of course, if you later become a suspicious "person of interest," security guards can "unlock" your image to reveal your real, sharp-featured self under the blur.



Are we tossing gasoline on the fire? Read further for an interesting hack and some insightful comments,

http://yro.slashdot.org/article.pl?sid=08/06/21/1814239&from=rss

Sandvine CEO Says Internet Monitoring a Necessity

Posted by kdawson on Saturday June 21, @04:48PM from the for-his-business-model-maybe dept.

Khalid Baheyeldin writes in with a CBC interview with the CEO of Sandvine, Dave Caputo (bio here). Sandvine is the Waterloo, Ontario-based company that provides the technology that Comcast and other ISPs use to overrule Net neutrality by, for example, injecting RST packets to disrupt Bittorrent traffic. Caputo says, among other things, that Internet monitoring is a necessity. Some of the comments to the interview are more tech-savvy than the interviewee comes across.



Even good companies make bad choices...

http://it.slashdot.org/article.pl?sid=08/06/21/1919223&from=rss

Safari "Carpet Bomb" Attack Still a Risk

Posted by kdawson on Saturday June 21, @05:51PM from the will-it-blend dept. Security Apple

SecureThroughObscure writes

"Just a short time after Apple's recent acknowledgment of and patch for the Safari Carpet Bomb 'blended' IE flaw, Microsoft researcher Billy Rios shows that Safari is still useful in a blended attack, this time with Firefox 2/3. (ZDNet's Nate McFeters also spread the word.) Rios claimed that he is able to use Carpet Bomb, despite the recent patch, to steal arbitrary files from victims who also have Firefox 2/3 installed. Both Rios and McFeters pointed out that Apple, which took some heat for not originally patching, actually did a good job of addressing the issue, as the code execution angle was not originally understood (the details came out later). Rios is withholding details of the new attack vector until Apple has had time to patch or respond to this issue."

[An explanation of Carpet Bombing including the HTML code to make your own:

http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html

Safari Carpet Bomb

... because the Safari browser cannot be configured to obtain the user's permission before it downloads a resource. Safari downloads the resource without the user's consent and places it in a default location (unless changed).



Music Lovers!

http://torrentfreak.com/isohunt-adds-10000-free-and-legal-albums-080621/

IsoHunt adds 10.000 Free and Legal Albums

Written by Ben Jones on June 21, 2008

Despite being ensnared in legal proceedings with the MPAA, isoHunt is continuing to grow. Adding fuel to the ’significant non-infringing use’ argument is their latest partnership, with the Creative Commons music distribution site Jamendo.

... isoHunt has announced a partnership with Jamendo, a site that deals in Creative Commons licensed music. Reaching the 10,000 album milestone only days ago, content available on Jamendo is growing quickly and when you grow, it helps to be able to get the content out there.

... “We receive up to 500 new albums per week, from more than 60 countries in the world,” Kratz said.



Happy Anniversary! (Imagine calling a one tonne computer “small scale”) Cute little video (old newsreel?) accompanies

http://it.slashdot.org/article.pl?sid=08/06/21/1436259&from=rss

'Modern' Computers Turn 60 Years Old

Posted by CowboyNeal on Saturday June 21, @11:39AM from the happy-birthday-baby dept. Upgrades Software Hardware Technology

Christian Smith writes

"Stored program computers are 60 years old on Saturday. The Small Scale Experimental Machine, or 'Baby,' first ran on the 21st of June, 1948, in Manchester. While not the first computer, nor even programmable computer, it was the first that stored its program in its own memory. Luckily, transistors shrank the one tonne required for this computing power to something more manageable."

No comments: