Alabama IT Whistleblower Fired For Spyware 751
chalker writes "Vernon Blake, an IT sysadmin for the Alabama Department Of Transportation, wanted to get evidence that his boss spent the majority of his time playing solitaire on his computer. Since emails to higher up supervisors were ignored, he installed Win-Spy, which grabbed screenshots several times per day over a period of 7 months. 70% of the resulting screenshots showed an active game of solitaire, and another 20% showed his boss checking the stock market. When he reported this to superiors, he was fired, even though he had 21 years of service in the position. His boss got a reprimand to 'stop playing games'. He is appealing his termination in court since he claims it was part of his job description to 'confirm and document' computer misuse for ALDOT. His complete story is here."
Re:Rule #1 (Score:1, Informative)
Re:Use? (Score:3, Informative)
Re:That's 90% (Score:5, Informative)
10. An analysis of the screenshots yielded the following results:
- 293 (approx. 71%) of the screenshots documented active, on-going
games of solitaire.
- 87 (approx. 21%) of the screenshots documented web site visits, email
subscriptions, and other miscellaneous non-job related activities
consisting mostly of personal financial and stock market research.
- 29 (approx. 7%) of the screenshots indicated some job related activities,
mostly consisting of an "I concur" in an email response. However, solitaire
was minimized (hidden) for quick retrieval on most of these screens.
- 1 % or less of the screenshots were inconclusive as far as the type of activity.
- No screenshots (0%) documented any job-related activities such as word
processing, spreadsheets, databases, job related websites, electronic
document management, right-of-way plans standards, etc.
Additionally,5. A screen capture utility was used to automate this process. The utility behaves like a camera by capturing photographs of the computer screen. The utility did not target any specific activity or application usage by the user.
6. Screenshots were automatically recorded at times randomly selected by the screen capture utility. The installer of said utility had no control over the randomly selected times.
7. Periods of computer inactivity on the part of the user de-activated the utility until such time that user input was detected. This feature prevented generation of redundant screenshots at night, weekends, holidays, days off, etc.
8. Also, A minimum time interval of approximately 30 minutes transpired between screenshots to prevent a large volume of redundant images. The purpose of the utility was to take a representative sample of computer activity. The pattern of computer usage on the part of the user ultimately governed the interval between screenshots. When no activity was detected, screenshots were halted.
I really hope this guy gets vindicated in the end. He did his job, documented his case very well, and got screwed.
Credit Card Risk! (Score:1, Informative)
Seems the company had a policy of spying on its employees with a key-logger. Unfortunatelly the cocmpany didn't keep these key-logs securely and someone stole them and extracted credit card info from people who made online purchases.
This kind of spyware is dangerous regardless of who is using it.
Re:couldn't he just.... (Score:3, Informative)
a search for sol.exe on the entire c drive will give you all three copies and then you can delete them.
Re:That was appropriate (Score:5, Informative)
Re:That was appropriate (Score:3, Informative)
This is not to try and pick fault at what you are saying I agree with it (just not that little part). Plus by drawing attention to it, I'm hoping to quell peoples ideas that "employee just wanted boss's job" type threads.
RTFA (Score:3, Informative)
It also only captured during randomly set intervals at 30 minutes a minimum. Basically, it was set up so that it was a completely random sample that the sysadmin was unable to knowingly control in order to make the guy look bad.
Re:Software to snoop windows video output? (Score:1, Informative)
Re:That was appropriate (Score:5, Informative)
Re:Everyone knows (Score:5, Informative)
dobbsg@dot.state.al.us - George Dobbs, the Solitaire King
bowlinp@dot.state.al.us - Paul Bowlin, the head of the ROW Bureau, who thinks George's work ethic is above reproach.
aldotinfo@dot.state.al.us - E-mail address for ALDOT, apparently the only published address through which ALDOT director Joe McInnes (who signed the termination letter) can be reached.
governorbobriley@governor.state.al.us - "In Birmingham, they love the gov'nor - Hoo Hoo..."
Drop these folks a line, let 'em know what you think. "Now we all did what we could do..."
Re:That was appropriate (Score:5, Informative)
-
Being the sysadmin does not grant you the right to spy on another employee even if that employee is your boss. There is a certain amount of trust that an employer has to grant a sysadmin but when that trust is taken advantage of as in this case it becomes abuse.
Actually most workplace computer policies permit exactly what this guy did. Perhaps you should read yours more thoroughly, I know I haven't worked anywhere that doesn't in fact include a clause similar to this one, take from the ALDOT's Computer Usage Policy (posted on the guy's site[emphasis added by him]):-
Any individual who utilizes any ALDOT computer resource consents by that use to the
potential monitoring of such use.
I won't post it all here but you should look at the documents on his site, the same one contains the definitions of System Administrator. He didn't break any rules. Also I should note that this is standard for non-classified government work. Because of open secrets laws every detail of what a government employee does, including their personnel files, are public records. Government employees effectively have no privacy at their jobs, it's something fairly unique to the job sector.Because the Internet services are to be used only for government business, all records in these systems are hereby considered government records. As such, these records are subject to the provisions of state laws regarding their maintenance, access, and disposition. Employees using these services do not enjoy any right of personal privacy.
A user who utilizes ALDOT computer resources for any purposes other than for official ALDOT purposes, is guilty of theft or misuse of state resources and may be subject to both ALDOT personnel action and appropriate criminal prosecution.
-
Proper channels should have been followed. If his employer was unwilling to take action he should have left it alone. We all work with people who are lazy and unjustly promoted. But that doesn't give us the right to spy on them.
Proper channels were followed, he documents it all on his site, shows the policies, tells each step he took. There's even this statement: "On my part, no laws were broken, ALDOT's own policies and procedures were followed in letter and spirit, and actions taken were in ALDOT's and the taxpayer's best interest."He explains he took the action he did because the boss's game playing was causing problems within the division of employee moral and supervision. Another quote: "Not only was this behavior wasteful, it impeded my ability to effectively supervise subordinates, including my ability to discipline employees for wasteful behavior of any type. The situation deteriorated to the point where cartoons were being distributed that mocked my supervisor's behavior." He includes two examples of those cartoons.
So I have to ask you, how much did you read about this issue before you passed judgement? And while I understand you aversion to "spying" on users (having done sysadmin work for quite a while myself) I find it odd that you don't realize that sometimes it is not only necessary but required. If someone if using company resources to violate laws the company will require proof before they can act to protect themselves from future prosecution (and defend themselves if such prosecution occurs). Even if they're not breaking laws but violating company computer usage policy often monitoring to gather proof will be required before they can be disciplined and/or fired.
-
As a sysadmin I find this guy's behavior pathetic. It's an abuse of his position. I would have fired him, too.
Well frankly I must say I'm glad you don't work for my organization. Protecting user privacy is important but also is understanding that monitoring must occur sometimes, no matter how much we find it distasteful. Also he didn't abuse his position, if you read all the info presented you'll find he followed their polices and procedures properly and did his job. If that's a fireable offense, well I suppose we'd all better start playing card games at work all day instead of working.Re:No it wasn't (Score:5, Informative)
-
Playing Solitaire is not misuse. It's not the best use of time, but it is not misuse. He sent the emails to the higher-ups, they obviously weren't that interested. In other words, he must still have been getting his work done. (Or his job wasn't so consequential, but it's not a syadmin's job to trim the fat.)
Actually if you look at the excerts from ALDOT's computer usage policy he has up any non-work related usage of the computer is defined as misuse/abuse. So in this case it was in fact misuse.Re:That was appropriate (Score:3, Informative)
Because the Internet services are to be used only for government business, all records in these systems are hereby considered government records. As such, these records are subject to the provisions of state laws regarding their maintenance, access, and disposition. Employees using these services do not enjoy any right of personal privacy.
A user who utilizes ALDOT computer resources for any purposes other than for official ALDOT purposes, is guilty of theft or misuse of state resources and may be subject to both ALDOT personnel action and appropriate criminal prosecution.
Comment removed (Score:2, Informative)
Re:Everyone knows (Score:1, Informative)
Re:No it wasn't (Score:4, Informative)
If it were a private company, you might be right, upper management would have the say, but this is a government agency, that is using taxpayer money. I think of this guy as a hero of the people. This kind of wasteful behavior needs to stop. If all this so called 'boss' has to do is play solitare all day, then his position needs to be ELIMINATED!
The salaries of most government positions is public knowledge, btw.
Re:No whistleblower here... (Score:3, Informative)
No, I beg to disagree. A sysadmin is in a position of trust. He is not like any other normal whistleblower.
Being able to access every account in a system bears special responsibilities, esp. the ability to keep your mouth shut. Imagine your bank clerk would disclose your _true_ income to the IRS, just because she felt you were trying to circumvent taxes? Or what about your attorney going to the prosecutor, because he discovered that you were really guilty in a case?
Whatever, a whistleblower is a good guy, but sysadmins should refrain from _actively_ spying on their users, no matter what axe they have to grind with them. It is blatantly unethical.
Bad Link; Wrong Win-spy (Score:3, Informative)
Maybe they meant to mention this link to another product called Win-spy? [win-spy.com]
Sweet Jesus. YOU'RE MISSING THE POINT (Score:4, Informative)
Right, it seems this link [decaturdaily.com] (an actual news story on the issue rather than just the one guy's point of view) has already been posted here more than once.
It stuns me that despite ~50 +5 replies, no one has bothered to point out that the program this guy installed HAD A BACKDOOR.
Yes, that's right people. That's why they're calling this spyware. Because it is.
Read this:
Bobby Mitchell, an employee contracted to DOT to do computer network support and computer programming, told the hearing officer that DOT's computer firewall crashed in January 2003 and had to be rebuilt.
Mitchell said he found WinSpy on Dobbs' computer when transferring material and programs in his computer to a new one and at that time saw that the program had an "imbedded address" that allowed someone outside the department to have access to DOT's computer system. The imbedded address was traced to Australia.
So, who still actually believes he should get his job back? He was so focused on proving his boss was in the wrong that he compromised the security of the network he was a sysadmin for.
Re:Everyone knows (Score:2, Informative)
wrong! here, you are so off the marker it's pathetic.
I would normally agree, except in the case where the former system administrator shows the job description from the employee manual that states that as part of his job function.
ALDOT Policy Excerpts [knology.net]
Good old boys system (Score:1, Informative)
Being a government agency it is usually rather hard to fire someone. It is impossible to get a bad manager fired because there other manager friends will cover their butts for them.
Of course it is easy to fire us peons, all they have to do is trump up some fake charge like having porn on our computer or some form of insubordination. Actually the computer usage policies are so strict that there are things that *everyone* is in violation of. So it is not that hard to find something.
They don't like to fire people to often though because it makes the managers looks bad, so what they usually do is run off their employees. They will pass out reprimands left and right for all kinds of bogus or stupid little things (like forgetting your daily status report or being late a few days). Using these they can also reduce your pay or otherwise demote you. Mixed in with all of this they will play "musical projects" and give you some project you don't know how to do. Are you a java programmer with 10 years experience? Well, your new project is in Visual Basic! Lets watch as you fail to meet your deadline and then it is reprimand time again! Oh, and you are not allowed to ask other coworkers for help as that would be "cheating". In the end it gets so bad they just quit to save their sanity.
So chances are this boss in the article was involved in a similar "good old boys system" and they just decided it would be easier to get rid of the peon causing trouble.
Re:Everyone knows (Score:3, Informative)
The politican made excuses and the civil servant who was responsible for enforcing the computer policy said something like "I am not going to touch it". It all blew over.
I conclude, as in the military, you cannot hold people above you accountable. It is the way of the world.
In this cases, Dobbs could have been held accountable by his superiors, who instead chose to shot the messenger. Dobbs did not do much harm by his inactivity, but his superiors seem to me to have done a lot of harm by causing outrage about their actions to response to the situation.
But the real problem is that the citizen's of the state in question have an at-will employment policy, instead of civil service protections. So the imperative is probably to protect the political connected job holders, and thus this result occurs.
Note that we now have civil service reform regarding security agencies at the Federal level. This reform has been compared to the equivalent civil service reforms pushed through by Hitler. Perhaps the results at the Federal level will be even more outrageous than in Dobb's state.
Re:Everyone knows (Score:3, Informative)
Where to begin? Here are the facts:
Actually, it is "boo, boo, boo", as many written accounts of Ronnie Van Zant and the song have long established. I misquoted it the way I hear it - I guess my ears just don't register the "b", and although I "know" better, I still sing "hoo, hoo, hoo" when I hear it.
The line refers to George Wallace, who was governor of the state of Alabama, not of Birmingham. Birmingham is a city in Jefferson County, AL, and has a mayor not a governor.
George Wallace never had the nickname "Blue". I've read that early in his career he was called the Fighting Judge, or the Little Fighter, but never Blue.
Now my interpretation of the line about Birmingham loving the Gov'nor:
It was a sarcastic remark. Wallace was a racist and avowed segregationist. Birmingham had the largest black population in the state. Hence the sarcasm: in Birmingham they love the governor? Not damn likely. The "Boo! Boo! Boo!" part is Van Zant jeering the governor. Zan Zant and the band never supported George Wallace.
At the time Sweet Home Alabama was written, Wallace had never carried Jefferson County in an election. It was rumored that he punished Birmingham by, among other things, withholding federal highway money from the county, and sending it elsewhere in the state. As governor, Wallace got to direct how federal highway funds were spent, and it is a fact that I-65 through Birmingham was the last stretch of interstate highway to be built in Alabama, long after the rest of the state's interstates had been finished.
Wallace's cronies in Montgomery, the state capitol, might have loved him, but not the people of Birmingham. At least not until the "new and improved" George Wallace came along, but that's another story...