I just sat through a presentation from our main software vendor today that really got me thinking about privacy and security.

The company is a good company called ASAP Software. They keep track of all our software licenses and soon our hardware (end user machines). It tracks things like what licenses do we own, what do we need to buy, do we have more than we need etc.

It also covers us if a disgruntled employee takes off with a laptop we can track them when they log into the internet.

The way we've been ordered to impliment this software is that we use login scripts to install an agent on each machine that uses port 80 to send information to our vendor. The information includes ALL EXECUTABLES on the machine (the names and meta info only) then they colsolidate the licenses with their databases and we can run reports.

It's a nice concept, but then I started thinking. I login from home almost EVERY night to do miscellaneous work. That means any software I am runing at home gets recorded and they can see things like how much disk space and memory I have and what favorites I keep etc.. It's pretty scary. Of course it can be defeated with a personal firewall that will block by application, but for the most part the average user is in for a rude awakening.

As soon as possible I am converting to Linux on my work laptop. All I need to do is make sure that I can log into the Exchange server here to get my mail and calendar changes.