Hotmail: Not Safe For Work? 583
silentknight writes "According to MSNBC, web-based e-mail providers such as Yahoo and Hotmail may not be a haven for your private e-mail anymore. At least not while you're at work. SpectorSoft is introducing eBlaster, which aims to "secretly forward all e-mail coming and going through such Web-based accounts to a spy's e-mail". Corporations will most likely argue that, because of sites like Internal Memos, companies need to keep a tighter grip on the information that flows in and out of their companies. But attempting to spying on private e-mail?? In the words of Homer J. Simpson: "Butt out, Buttinsky"."
To be honest (Score:5, Insightful)
Now this becomes a little tough because we aren't automatons and have lives outside of work that need tending to. However, to expect that what you do within the walls of your company is private is laughable.
Just assume that everything you do there is under surveillance. Heck, all your thoughts are already belong to them.
Make all changes retroactive, technology-wise (Score:4, Insightful)
How many people you think would be cool with their employer listening in on their personal phone calls, and opening all their personal mail that gets sent to the office?
Apply it to everything, and people will understand that this is an encroachment on what we currently have, not a reasonable measure for dealing with a newish technology.
Re:To be honest (Score:5, Insightful)
That's highly culture specific. For example, most Asian companies usually do not insist that *whatever* you do on company time is teh company's. Heck, I did not even sign a contract to that effect.
Heh (Score:4, Insightful)
Their network.
Their time.
Their money.
'nuff said.
yes, they can do whatever they want (Score:2, Insightful)
Of course this article is quite irrelevant for slashdotters. We should have our certificates, machines we can VNC to, encrypting proxy servers, etc.
But, ironically, it'll probably be the arrival of widespread wireless (be it 3G, a mesh network of 802.11, etc.) that provides a little privacy. Imagine, if you want to send a private email, just change your Wireless connection to be your public ISP-type network, send your mail, and voila. You use your ISP's network instead of the corporate one. Both parties are happier.
Bad management... (Score:2, Insightful)
Far more often than having your boss actually read your personal email every day, companies snoop to archive this sort of information so that if they need to they can review and use it later. This possibility for abuse in this regard is endless.
Re:Heh (Score:5, Insightful)
1. Pay for all my work clothes.
2. Pay for my fuel expenses going to work.
3. Pay me for all the unpaid overtime spent in the office *and at home*.
4. Pay me rent for using my home as temporary office space (see item 3).
5. Pay my cable modem/DSL bill for VPN'ing over the weekends.
Re:Heh (Score:5, Insightful)
Still think you don't deserve any privacy?
Re:To be honest (Score:5, Insightful)
Which is fine until you point out that the flip side of this is that you'll only work your contracted hours and never think about work outside of work hours.
If a company is going to totally restrict what you do during work hours then they shouldn't expect any favours back - especially when a better job comes along as you'll be the first out of the door.
It works both ways, they make your working conditions pleasant and you reward them with loyalty.
Re:Ooh, goody... (Score:3, Insightful)
If an employee isn't pulling their weight, warn them and then fire them. It's as simple as that. I understand corporations getting a little annoyed by weenies forwarding internal emails (which is reprehensible and they should be punished), but most justifications are for pathetic, over the shoulder monitoring.
Make sure you don't use the phone either... (Score:3, Insightful)
Blocking or intercepting email is more or less the same as listening in on a phone conversation. Yes, I know this horse has been beaten to death here but it's still ridiculous.
If you're not allowed to make personal phone calls then I can understand them not allowing or even monitoring personal computing use but for communications, email should be a protected medium.
Re:Ooh, goody... (Score:4, Insightful)
When we (meaning the IT department at my company) monitors what users are doing, either on the internet, or anything else, they're not just doing it on company time...
They're doing it with company computers.
the system (Score:5, Insightful)
Your words could apply just as well to someone justifying plutocracy as the logical system of government for a nation -- the wealthy landowners get to make the decisions, because they literally own the country. Somehow, in these modern times, we've decided that that's just not acceptable anymore. Why do we still put up with it at work?
I normally agree (Score:1, Insightful)
An hourly employee is being paid for everything they do at the company, and that time does explicitly belong to the employer.
A salaried employee gets paid for the work they do, more than their specific time at the office.
Re:Make all changes retroactive, technology-wise (Score:3, Insightful)
Re:What gives you the right to privacy? (Score:2, Insightful)
Re:Our only hope is (Score:2, Insightful)
Well, you get the idea. There are good reasons for the existince of fair practice standards in labor laws...
Re:To be honest (Score:3, Insightful)
Backwards thinking again. If you don't like their rules, you should go work for someone else. If then can find another idiot that doesn't mind being treated like a kid then that's fine by me.
what about smoking crack on company time ? would u agree with that?
Erm. No. I wouldn't agree with that. I expect to be treated like an adult because I can act like an adult. If a company employs idiots and potheads then they deserve everything they get.
I wonder if the CEO reads personal email at work? (Score:4, Insightful)
Of course not! People that high in the organization would never use company time - or company computers, cars, or phones (or money!) - for personal use.
When they are on the golf course, it's not for fun, they are doing BUSINESS. You wouldn't expect them to do business like the rest of us, at a desk, would you?
This NEWS is nothing new, and really no big deal (Score:2, Insightful)
If you are at work, don't be stupid. Set up your own damn computer, and keep as as secure as you can. All you need is some night cleanup guy to install this tool on your pc, and you credit card and bank info is public knoledge.
Why on earth does this article center around Hotmail? who the fuck cares about webmail... this is a keylogger, and much more and is no way specific to hotmail.
The tone of the news item almost seemed like Hotmail.com were the ones forwarding the emails:)
--me
Re:To be honest (Score:3, Insightful)
Yet, somehow I need to spend 9 hours a day at work simply because the phone might ring. I'd be happy to work if I had some. In fact, I actually request more work constantly. By all accounts I would be a model employee. Yet, when I have nothing to do I surf the web. I'm using company resources to do things other than my job.
So I guess that makes me a bad person.
*rolls eyes*
If I do my job appropriately and efficiently then the company should cut me some slack. I'm not wasting company time or resources if I have fulfilled my job duties. If I read a book at work would it be any different?
Ain't Nobody's Business If You Do (Score:3, Insightful)
These sorts of issues are very similar to consensual crimes [mcwilliams.com] where the government wants to monitor what you do between consenting adults.
Re:Private e-mail ? (Score:1, Insightful)
There just needs to be some intelligent balance going on here.
-Rick
Re:Heh (Score:2, Insightful)
Their computers wasting cycles without an employee using it.
Their network sitting idle without employees working.
Their time wasting without employees.
Their money not growing without employee talent.
You forgot that a business without an employee goes nowhere, and an employee is a person who deserves more respect than a little bit of bandwidth.
I'm a human being and deserve some respect - respect for life outside of work, respect for privacy, respect for talents. When they prefer to use iron fisted policies that treat me as a simple machine in the system, I no longer feel the need to respect their corporate secrets or work hard.
It's a pretty easy equation. Respect me and acknowlege I have a life, and I'll respect the company and want to help it grow.
I mean goddamn, I've worked shit jobs for rednecks who understood that treating employees like shit gets you nowhere.
Re:Ooh, goody... (Score:2, Insightful)
In business, there are employers and employees
That's a pretty antiquated idea of business relationships nowadays. 30 years ago bosses (who very often were also the owner, and hence had more of a theoretical basis for it) could tyrannize their employees, almost like a parent-child relationship. In the modern era that sort of behaviour is relegated to sweatshops, and instead most "employees" are adults who deal with their bosses in a adult-adult relationship. A better representation of an employee nowadays is that they are businesses offering services to their "employer" (indeed, many companies have simply gone the contractor route, a movement which empowers workers more than most understand). There no longer is such a thing as long term stability or company loyalty (on the flip side there is very little employee loyalty), so classic, outdated notions of the relationship no longer hold true.
I should note that I am an employer, and indeed I've actually argued on BEHALF of employer rights in many discussions in the past: I have the right to block whatever websites that I want, or to bar people from installing whatever OS they want, or from having admin priviledges. These things I do when I feel that there is a credible, reasonable, quantifiable risk to my organization. I will say, though, that most monitoring tactics have nothing to do with that, but rather it has to do with "putting employees in line". It's the same out outdated in-your-face method of "ensuring" employee productivity that has failed for generations, but there remains a contingent of people who still believe that if they just capture weblogs and read people's email, somehow that'll make them more productive. I treat all of the people who do work for me as businesses, and the control that I have is that I can cease requiring their business when the net detriment to me outweighs the benefit.
Re:To be honest (Score:5, Insightful)
Quite honestly, you should do that anyways. Company loyalty is a complete farce. Most companies treat people as "human resources" anyways, and in most companies your employment is "at will".
Quit giving your lives and your hearts and your souls to a company like that. You'll be much happier if you think of yourselves as mercenaries - do honest work for honest pay. If you think a management decision is stupid, as long as it's legal / ethical, then kick back and remember that they're paying you to work, they're not paying you to care. Example: Say some pointy haried boss wants you to implement a horrible User Interface. You know it's a bad idea, that it'll be clunky. GO AHEAD AND GIVE THE PHB WHAT HE/SHE WANTS! Let them deal with any consequences. If a company starts reading your private email, then quit. Find something else.
And this isn't a bad attitude. When you're at work, you should perform your duties to the best of your ability. However, when you're not at work, forget about work. And if someone offers you a better job, then TAKE IT. Start putting yourselves and your families over your jobs. Ultimately, your own self and your family is far more important then a company that's here today, gone tomorrow.
Look what company loyalty got employees at Enron and WorldCom.
Re:To be honest (Score:2, Insightful)
The question is, how many of us have agreed to some similar contract without realizing it? My own "employment handbook" is quite large and I am regularly forced to "agree" to the terms laid out in that book by signing some form. Thankfully I've never found a section on "intelekshul prahpitty", because if they ever do sneak one in there, it'll have to respect my ownership of non-work-related ideas, or I'll have to strike it, or I'll have to quit.
Re:Solution? (Score:2, Insightful)
If they are using a keyboard logger, then yes it doesn't matter whether you're typing on your local computer or on your "remote" computer, they'll pick it up.
However, I would say your remote computer encrypted via SSH is still a pretty safe haven from corporate keyboard logs. Even if they intercept your password, they would still have to set up a decryption system to listen in on the return traffic in real time. Then they'd need to know you were running winVNC, and rig up a special winVNC client to listen in on the display updates that are coming in.
That's a pretty big hurdle for an IT department to overcome.
As for other hacks---frankly if someone inside the corporate firewall were hacking around, I don't think their motives would be directed at someone's SSH connection to their home computer.
So I'm not saying you're totally secure but I would say that the apathy factor probably protects you pretty well.
Where have all the libertarians gone? (Score:2, Insightful)
We don't give up all our rights just to work for The Man. I get breaks at work, I use the bathroom, and I get some privacy. As long as I don't abuse the resources given me or take outrageously long breaks, I ought to be able to make a personal phone call, check my e-mail, or read part of the paper.
Having some personal time at work guarantees that I'll be sane enough to be productive the rest of the time. If I couldn't take a break and have a little privacy, I'd probably end up staring blankly at the screen drooling on my keyboard and I'm sure the IT folks would REALLY love that.
-Me
Re:Is hotmail selling my Email address? (Score:3, Insightful)
Many spammers just try random user names and hope they reach an inbox. And even if you open just one random spam with HTML 'phone come' code embedded in it, you are exposed and the spam starts rolling in.
Rights vs brains (Score:5, Insightful)
There are two types of workers, those who WLL get the work done regardless of distractions and those who will NOT get the workdone even if placed in a locked room. Hire and trust good people! Big brother tactics just makes the productive people less productive and won't fix the duds.
How is this different than a trojan? (Score:3, Insightful)
but that is not the
case.
Spector soft designed the software to periodicly register its serial number with there database. This way if the software is installed in one or more machines they disable your software. Sure a firewall would prevent this communication, but it should also prevent the program from working anyway. I also woant to know what level of trust would one place into a company that can then have total control of your system. Are all those emails marked 'confidential' being sent to the company president also being routed to some other location? In this case security is only as strong as this software company's security. Could someone not take over and then have instant access to hundreds of corporate zombies? Sorry, but I am not about to take that chance.
Attn Yahoo Users (Score:3, Insightful)
https://mail.yahoo.com
This won't stop them from tracking you, but at least your content will be private.
Re:Make all changes retroactive, technology-wise (Score:4, Insightful)
In our employee handbooks, we reserve the right to monitor calls. We never have, but we can. We allow a few calls (lots of mothers in my office. Lots of calls to/from the office to make sure the kiddies got off the bus okay) which is no big deal. Same thing with... A million little things. People are more productive, like you say, if they don't have to stay at home to wait for a package, to order a repair of their appliance, etc. But some people abuse the privelage.
It's a balance that has to be struck. What seems to work is when we suspect someone of abusing the phone, we just remind them that we allow limited personal calls, and that we can monitor their calls to see if they are abusing the privelege. The offending behavior stops within hours:)
And to the naysayers who say 'ignore company loyalty'. I've got news for you: it's a chicken and egg problem. I'll extend loyalty. We've got employees working for us who were around in the Ford administration. Until they retired, there were a couple of employees who changed my diapers. They gave their loyalty. We reciprocated. Need 2 months off for back surgery and recovery? No problem. Hope you get better. We'll keep your chair warm for you. OTOH, you think we're only good for a paycheck? Well, screw you. When times get tight, you'll be first on the chopping block. We'll find a way to save the person who stayed late to finish up some work.
Loyalty works both ways. I think some of the children on slashdot forget that.
(resume) Re:To be honest (Score:2, Insightful)
Interview/Application Question: Previous employment
Ummm.... I've worked at many companies, but prefer not to name them as they now hate me. It's all their fault though, really!
I prefer to do a good job, enjoy my work and take pride in what I do. I do check my own emails, post to/read slashdot, etc.
However, I try to not tie up a lot of time I could be being productive. It also helps that when I ask for a day off, or a perk/raise, I often get it or at least get reasonable consideration. There's no reason to work like a slave, but a little honest dedication tends to have its rewards.
Re:You Bet Your Ass We Monitor! (Score:2, Insightful)
First off, as a government agency, you think you'd do a background check on someone convicted of a felony, and then not hire them. That's just ridiculous that he got away with it.
Secondly, the man had committed rape, yes. Now he is free. That means that he has paid his debt to society. If he was going to commit another crime, statistics show that most people do it within the first three months of getting out of jail/prison.
Your kind of mentality is that which says that we should tap peoples' phone lines because they *could* be planning terrorism, or we should follow people around, because they *could* be going to commit crimes, or they should be able to search your house because you *could* have illegal material. I hope you get the idea.
This is not the way the US works, and is not the way it ever was intended to work. There's reasons the police can't just search your home, or tap your phone, or have a camera on you all the time. They're all good reasons, too. They protect my freedom and your freedom.
At what cost do we give up the ability to be free for our security? Checking e-mail? Tapping phones? Hidden cameras in your house?
Even at work, you have the right to a certain amount of privacy. They (usually) don't tap your phone or spy on you, so they shouldn't be reading your e-mail either.
A lazy employee looking at porn and a lazy employee drawing a picture are both lazy employees.