November 5th, 2002, 05:18 PM
Something a little scary...
I just sat through a presentation from our main software vendor today that really got me thinking about privacy and security.
The company is a good company called ASAP Software. They keep track of all our software licenses and soon our hardware (end user machines). It tracks things like what licenses do we own, what do we need to buy, do we have more than we need etc.
It also covers us if a disgruntled employee takes off with a laptop we can track them when they log into the internet.
The way we've been ordered to impliment this software is that we use login scripts to install an agent on each machine that uses port 80 to send information to our vendor. The information includes ALL EXECUTABLES on the machine (the names and meta info only) then they colsolidate the licenses with their databases and we can run reports.
It's a nice concept, but then I started thinking. I login from home almost EVERY night to do miscellaneous work. That means any software I am runing at home gets recorded and they can see things like how much disk space and memory I have and what favorites I keep etc.. It's pretty scary. Of course it can be defeated with a personal firewall that will block by application, but for the most part the average user is in for a rude awakening.
As soon as possible I am converting to Linux on my work laptop. All I need to do is make sure that I can log into the Exchange server here to get my mail and calendar changes.
November 5th, 2002, 09:59 PM
We are using Ximian in RH7.3 and RH8.0 to get to our Exchange server and it is working very well.
Work... Some days it's just not worth chewing through the restraints...
November 11th, 2002, 12:07 AM
If you're logging in from home on your PERSONAL PC, and your work is installing this little executable on it, you (and your management staff) should be very concerned about invasion of privacy issues. It is not the business of your employer to be checking the licenses of software users have at home, and in fact it might just be illegal.
I know I would never work for a company that did that, and if they did it without telling me I would immediately file a lawsuit.
As a company, you don't have control over your employee's personal machines. The fact that there are companies that are providing software to track employee machines at home is extremely disturbing.
Of course, not to mention it's definately none of that 3rd party's business what software you're using on your home PC. If it is configured to only look for EXE's that pertain to the business applications (like SAP, ADP, HR programs) that's one thing. But if it's recording other things like that bogus copy of Photoshop that the VP's 15 year old downloaded off of Kazaa...that's another thing.
November 11th, 2002, 07:08 AM
The best way of insuring personal privacy is not a firewall it's a wall of air, dont have personal information on a box that connects to anything else . All my personal accounting , family photos and such are on a computer that is not connected to anything.
[shadow]Seek the truth and it will set you free[/shadow]
November 11th, 2002, 09:54 AM
Question, does this program that sends data via 80 use http?
If it does use a man-in-the-porxy eg Achilles. tell your internet or lan connection to point to the port you have set Achilles on. Achilles will then catch the HTTP requests, for you to edit and then send or not send on. Also using this you would be able to find the IP address or host name of there server. From here set up for fire wall to block all traffic to and from the address. Simple
I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"
November 11th, 2002, 11:07 PM
Excellent idea Sittinduck... I am very concerned about the home use as well.
I was told by our power that be that the use is for work machines only and that home users should use company supplied laptops only. We should not use our home machines.
I use my machine all the time, I have several tools I use for work on my home lan. I am really trying to get a client that will work with our VPN.