But increasingly, the 21st century is being defined by the split between
people who think your computer should do what you tell it, and people
who think that you can’t be trusted to control your own computer, and so
they should be able to run code on it against your will, without your
knowledge, and to your detriment.
Having been computery since my wee ladhood, I’ve always been of the distinct flavour that a computer is for assistance at my beckoning, and should never, ever do anything that I don’t ask it to.
This will be a rocks vs shields race, forever. Better rocks, better shields, better rocks, etc.
The massive importance this highlights for privacy is beyond reckoning.
Yeah, but the people with the biggest rocks get to make the rules.
Oh, absolutely. But privacy as we understand it today will probably seem a quaint notion in 10-20 years. The good intentions (shudder) of our governments and corporations will be the only real shield we have. Maybe in some imaginary future we will all have a personal AI to manage our personal data to protect our exposure to bad actors.
It’s okay because they’re your employer and the laptop belongs to them. It’s their property doing what they want their property to do. But that’s different from exploiting bugs that were at some point deliberately inserted by others to act against the person who supposedly owns their machine.
The lines blur a little at the owner/user distinction, but generally I think it’s fair to talk about the vulnerability “ecosystem” in a way that looks at the general impact of certain policies by software vendors and government agencies.
Disagree with the library one: Library policies are a function of community needs. I’d rather have my library neither track nor block the people using the resource. In fact, my library does neither, and I’m happy with that. Is there something to be said for keeping people from browsing for porn in plain sight? Sure: But it hasn’t become a problem in need of fixing yet. Especially with the USA PATRIOT Act essentially making your reading habits public knowledge.
As for the coffee shop: No one’s looking. Everyone is too damn busy. They’re not going to pay for a full-time IT guy to engage in net surveillance.
Yeah. I work in an elementary school. They make the boys take Judo and the girls take Dance. It’s only about 2 hours a week, but if you calculate 3rd-7th grade, that turns into over 400 hours of professional training to exacerbate the frequent size and density differences between their adult bodies. If we add to this an arms race based on cyber-skills and the social support necessary to gain and develop those skills in environments where one is valued, it paints a depressing picture. Made me think that producing some guidelines for outreach workers to address how to determine if tampering has occurred, and how to simply migrate all your contacts and data to other devices/accounts without being followed would be a good idea. I’d need someone more skilled at counterspy to help, though.
Good question. I think that I agree with user the-borderer in saying that it’s more for a relationship counsellor to make that call, but I can say that in any relationship in which I am a participant, a 100% no spying policy, combined with bodily autonomy even for the kissy stuff, is how we do it. I think that if the family savings account is at risk, you have to remove the addict’s direct access to that money instead of trying to stay above the curve of their compulsions and thereby head off their use of that money. I have experience in addiction and recovery circles, and consider the syping also basically inefficient- it’s really just morbid fascination that reflects the desperation of partners who are in situations with addicts.
Am I the only one who thinks it’s NOT ok for your employer to install spyware, etc. on company issued computers or phones? At my work, I am not supposed to lock myself in the bathroom stall and look at porn on the job, but they aren’t allowed to put a camera in there to guarantee that. Once more, I think job security should have to do with productivity and attitude, so if you are doing enough work to meet and/or surpass the agreed upon labor/compensation agreement, they can step off. If you have a ton of top-secret info on your work computer, and are operating at that high clearance level, perhaps we can talk but I hope the pay is wicked good.
to add to that; if you’re going to give me a phone (or laptop) and expect me to have it with or near me 24/7 so I can do work for you after hours, on the weekends, and on the road then how’s about you bugger off and stop watching me. You trust me to carry information around outside the office, and the damage I could do with that info is probably far worse than anything I can do on teh internets.
By all means add some decent anti-virus, anti-malware and whatnot. And, fine; have reasonable policies about ‘appropriate’ web use while on business premises, enforced the old fashioned way via a response to a complaint. Just stop this passive-aggressive spying all the damn time.
They mean you need physical access to the device. If you have a pass locked device (and a secret password) installing spyware without physical access and the pass is only in the realm of feasibility of NSA, GCHQ and other serious (state) hackers.
You need to be more careful. It’s not always the operator of the network doing the snooping. Any non-https sites with login can be hijacked via the cookies being mounted a-la firesheep. Exploits can be run against non-patched machines on the shared network. These can be launched from push-button software (script kiddies) so it’s always important to exercise care.
I would agree that a library is safer than the coffeeshop but a coffee shop IS NOT SAFE. You don’t know who works there. The barista could be tech saavy and want to harvest a bunch of accounts for nefarious reasons. Do not trust public internet for bank logins etc, unless through a paid VPN.
Sorry man nope. I agree that companies which don’t trust us are setting themselves up to be deceived by their staff (mistrust breeds mistrust) but it’s entirely within their legal right to do so and I’d argue it’s okay. They pay you for a reason and expect you work for the hours you’re supposed to work for.
That being said, if you’re doing everything you’re supposed to then your employer would be foolish to make a big deal out of it. The only time you’d be right is if an employer was monitoring your use outside of the hours you’re expected to work.
My advice is this: don’t do stuff you’re not supposed to but if you have to, befriend the IT guys. As long as you’re not doing serious shit the IT guy will always turn a blind eye if they’re your buddy. If you’re using work resources to break the law they may well and are within their rights to come down on you because it’s them who will be sued.
If you have access to the wifi settings on your work machine and you want to do something privately on your work machine, unplug the network and use your phone’s wifi hotspot.
PS: Typed, like almost all of my comments here, on my work machine and work internet.
Well, I’d say that I’d prefer that as well, but I do always make the assumption that if I am not on my own network (and even then…lol), my activity is likely being tracked.
Your activity may not be “paid attention to” – that wasn’t my point. My point was that if you’re on SOMEONE ELSE’S NETWORK, don’t act is if your activity can’t be tracked (and even if you’re on your own personal network…).
Also, if you are at, say, McDonald’s, most of them require you to sign a user agreement before you’re able to use their network.
I disagree, because I don’t believe that employers have the right to 100% of my absolute maximum panting like a dog ability to work. They have the right to a high level of efficiency, and to get a good value for the pay we agree upon. But if I am exceeding that level, and decide to go easy on my brain one day, or fill out my passport application, or whatever, their spying only serves to try to own more workpower than they are paying for. If I’m a lousy worker who doesn’t get enough done, they can use that fact to help me find a new area of work. I do think it’s reasonable to ask workers to sign in to somesort of green/red/yellow light system (like on Skype) to show when they are at their machines, but that is active on the part of the worker, like swiping a key card to get into the building.
I’ll add in all thoroughness that I work at a job where using my paid time for personal matters is nearly impossible and where we don’t get a company computer, so my position is one of principles, not of complaining. If I needed to work at a company, though, I would try very hard to avoid ones that put spyware on machines and then required you to use them, or worse bring your work home and then be spied on over the weekend.
I understand your position and agree, but it doesn’t change the fact that: it’s entirely within their legal right to do so
Notionally you’re supposed to do things like fill out your passport thingy in your lunch break. That is entirely reasonable and also protected by law.
In the end of the day, any place that cares so much about working me like a dog irrespective of results is a place I don’t wanna be working anyway. What companies do within the law and within the rules set out in your contract, they are within their rights to do so: the argument being that we sign a contract before starting work and if you’re unhappy with any of the things in the contract (where this situation is inevitably covered) then don’t sign the contract.
As I said man: I’m on BB almost exclusively at work, I’m constantly watching tech stuff and listening to podcasts while I work, and yeah… if my brain’s not on one day and there’s nothing vital to do I’m perfectly happy to spend the whole day doing nada. All I’m arguing is what is legally the case. If your company is spying on you to that degree: quit today.
The toilet in your office is work-issued, too, and you can do all kinds of bad things in there (employee theft and employee toilets are closely linked). Is it OK for your employer to watch you in the toilet?
Uh… I wasn’t arguing for or against such monitoring. I made a few statements of fact. The fact is that employers can and do monitor your internet usage. Whether or not I personally think it is “OK” was not my point. It’s not illegal. Expect them to be watching you.
That said, I suppose I shouldn’t be surprised that the sort of person who thinks privacy while taking a shit at work can be related to using your employer’s internet connection is also the sort of person that makes shit up so they can start an argument on the internet.
