Go Back   Tech Support Forum > The Relaxation Room > Offline

Am I being monitored?

This is a discussion on Am I being monitored? within the Offline forums, part of the Tech Support Forum category. I was issued a laptop by my company for personal and private use. There has beed a recent change in


Closed Thread
 
Thread Tools Search this Thread
Old 02-14-2009, 10:43 AM   #1
Registered Member
 
Join Date: Feb 2009
Posts: 1
OS: xp



I was issued a laptop by my company for personal and private use. There has beed a recent change in IT at my company. I want to know if I am being monitored outside of company hours using the laptop.
I understand that most IT departments monitor usage and that I am probably being monitored in some way, but HOW i am being monitored is the question I am concerned with.

__________________
servicetech is offline  
Old 02-23-2009, 12:07 PM   #2
Registered Member
 
Join Date: Feb 2009
Posts: 149
OS: XP SP2



I asked a similar question in another thread about unauthorized monitoring. I'd like to know if there's a Windows based solution. If you know anything about networks, at the command line you can do a netstat -a command to check active TCP and UDP connections to your computer.

If there are any IP address entries connected to your computer that you're not familiar with as a result of that, you can try other commands to resolve what those IP addresses are, they have have names associated with them. But keep in mind you may be connected to some websites (through your browser), which may have initiated such connections as well. So you may want to have your browser closed if you do this command.

__________________
ngrome is offline  
Old 02-24-2009, 07:42 AM   #3
Registered User
 
rbalaji's Avatar
 
Join Date: Dec 2008
Location: Chicagoland
Posts: 1,193
OS: Windows XP SP3



It is difficult to find out if you are being monitored. There are lots of internet filtering softwares out there that can be set up to not do any filtering, just monitor sites visited and put them in a log file. The IT department at your company can then download those logs whenever you connect your computer to the company's network and study them at leisure.

Remember that monitoring does not have to be in real-time, so I doubt a "netstat -a" will give you any useful information.

Also remember that if your company gave you the laptop, it is their laptop and they have every right to monitor directly or indirectly whatever you do on that laptop at whatever time, wherever you are. If you want to do stuff on a computer that you would rather not have your company find out about, leave the laptop at work and get your own PC for home use.
__________________
Balaji Ramanathan

Computers - You can't live with them, you can't live without them!
rbalaji is offline  
Old 02-24-2009, 09:53 AM   #4
Registered Member
 
Join Date: May 2008
Posts: 177
OS: XP / 2K3 / RHE / HP-UX



Look up CompuTrace. This doesn't show in netstat or on a firewall ... it's built into the BiOS of the more popular laptops out there today. It's both Lojack for your laptop and a full mobile software auditor. They even have this stuff for Blackberries now.

You should always remember one thing about company systems (for personal OR business use only) ... a company is going to do everything it can to protect itself, its assets, its intellectual property and information which may be subjected to regulatory compliance.
__________________
Tekmazter is offline  
Old 03-10-2009, 01:09 PM   #5
gone
 
Fren Banklin's Avatar
 
Join Date: Nov 2008
Posts: 1,912
OS: gone



Quote:
Originally Posted by servicetech View Post
I was issued a laptop by my company for personal and private use.
I'm not so certain that all these assertions to the companies "rights" are legally accurate.

If you lease a cell-phone, does that mean the "owner" of the cell phone can monitor your phone calls ?

If you lease a house, can the owner videotape you while you are inside it ?

Can a rental car company videotape you while you are driving it ?

Can Gold's Gym videotape you while you are in one of "their" showers ?

This is not black & white, and I'd be willing to be that there is very little "black letter law" on these issues, given the difference in the rate of advancement between technology and case law.

While the ownership of the laptop may be important, the expectations of privacy on the part of the person it was issued to are also important. Please note the OP stated "personal and private" use, and not "professional" use.

This is the primary problem with "law & order" types, particularly in a technical environment such as this. We all like things digital, either on or off, working or not working. Life is not like that, and people are not like that, which is one big reason why the double-whammy of "law & order" types plus "technical" types makes them socially handicapped.

It's also a good arguement in favor of liberalism, for all it's flaws. Given their natural inclinations, a lot of this certain type of people would have our freedoms limited to only that which was afforded to the American Public 200 years ago, and would ignore the exponential advances in the means by which people inter-relate that have taken place since then.

The biggest problem is not so much the existance of these fascist-leaning personalities. They've always been a part of society, and in many circumstances they are quite useful. Limiting the level of their influence is what is necessary to preserve our freedoms. The first step is to assert the basic rights and freedoms in the new electronic universe that were fought for and died for in the "real" one.

The quote: "The tree of liberty must occasionally be watered by the blood of patriots." is still a critical part of the current human reality, only in this case that tree is made of silicon chips, and bears electronic fruits.
__________________
gone
Fren Banklin is offline  
Old 03-10-2009, 01:50 PM   #6
Team Manager, Articles
Analyst
Rangemaster, TSF Academy
 
Glaswegian's Avatar
 
Join Date: Sep 2005
Location: Glasgow
Posts: 38,493
OS: Win XP Pro SP3 / Win 7 Pro

My System


Well, to me it's quite straightforward.
Quote:
While the ownership of the laptop may be important, the expectations of privacy on the part of the person it was issued to are also important. Please note the OP stated "personal and private" use, and not "professional" use.
If I produce a spreadsheet on a company provided computer, then the company owns that spreadsheet. If the company bought the PC then they own it, whether I use it in the office or at home. If I'm using a company PC then I know that any internet use is monitored and e-mail is monitored. Since I'm there to work, I don't have any complaints on that score. Most companies are quite clear about PC use and most have various rules and regulations regarding appropriate use. If you use a company's network then you have to abide by the terms of use.
__________________
Iain - Defender of the Haggis and all things Scottish.
I don't help by PM - post in the Forums.



PC Safety & Security::PC running a bit slow?::Photographers Corner
Glaswegian is offline  
Old 03-10-2009, 02:35 PM   #7
gone
 
Fren Banklin's Avatar
 
Join Date: Nov 2008
Posts: 1,912
OS: gone



Quote:
Originally Posted by Glaswegian View Post
If you use a company's network then you have to abide by the terms of use.
Abiding by the Terms of Use is very different from submitting to surveillance without being given clear notice that first.

The OP has an expectation of privacy, given that (he?) is asking the question. One does not "default" to the absence of a right to privacy, given no information to the contrary, one defaults IN FAVOR of a right to privacy, unless explicitly stated in advance of entering into the employment contract.

Which is to say, that a company cannot "change it's mind" about deciding one day to surveil it's employees, without first giving them notice that their work conditions have changed, and giving them the opportunity to make the decision to continue working for that employer, or finding a job somewhere else.

Any other position on this issue basically invalidates the (US) Constitution, and invalidates generations of sacrifices that have been made in order to provide us with the freedoms that (we are supposed to) have.
__________________
gone
Fren Banklin is offline  
Old 03-10-2009, 02:53 PM   #8
Team Manager, Articles
Analyst
Rangemaster, TSF Academy
 
Glaswegian's Avatar
 
Join Date: Sep 2005
Location: Glasgow
Posts: 38,493
OS: Win XP Pro SP3 / Win 7 Pro

My System


I'm not subject to the US Constitution....

I doubt the company has "changed its mind" - company policies are likely to have been in force for a while. Such polices are more than likely part of the original employment contract anyway. The simple fact is that if it's company property then they can monitor usage.
__________________
Iain - Defender of the Haggis and all things Scottish.
I don't help by PM - post in the Forums.



PC Safety & Security::PC running a bit slow?::Photographers Corner
Glaswegian is offline  
Old 03-10-2009, 03:41 PM   #9
Registered Member
 
lolarobot's Avatar
 
Join Date: Jan 2009
Location: Plano, Texas
Posts: 484
OS: xp


Send a message via Skype™ to lolarobot

Quote:
Originally Posted by servicetech View Post
I was issued a laptop by my company for personal and private use. There has beed a recent change in IT at my company. I want to know if I am being monitored outside of company hours using the laptop.
I understand that most IT departments monitor usage and that I am probably being monitored in some way, but HOW i am being monitored is the question I am concerned with.
Well, if your company "issued" you a computer for personal and private use, what would their motivation be to monitor you? I assume they just gave this to you and you did not pay for it and you are not going to be using it for work-related purposes, so I am pretty much sure they would not be putting some tracking device on it. Plus, if you don't use a remote desktop or a VPN, how would they even connect into your computer. At least I hope they can't.

But, let me tell you this, as I just recently experienced an "invasion" of privacy issue with a personal and private letter being sent to my work from a friend with money in it. The letter had my name on it, but the front end receptionist opened along with my boss and someone in accounting. I was told that it is company property, regardless... this infuriated me as I felt like this was MY letter, not theirs to open, but guess what, they have the right, just as they have the right to read your e-mails, monitor your chats and all of the websites you visit (believe me, it happens to me.) This is company property and they pay you, so everything you do belongs to them....privacy has no place at work, period. I know it sounds bad, but it is the truth. In fact, at my company, we have cameras everywhere and the boss knows what everyone is doing at ever step. AND, people are not really allowed to chat on their cell phones or receive phone calls.

This is a controversial area and I have read some HR articles regarding to privacy, and in a nut-shell, you really have no right to privacy when it comes to company property...sad to say.

Someone gave an example earlier of rental cars, gyms, etc. but the difference is, you are paying them for their service, so some privacy is implied. When someone is paying you, everything is an open book.

Another thought... why not just ask them if you are being monitored.
__________________
lolarobot is offline  
Old 03-11-2009, 01:59 PM   #10
Registered Member
 
wicket's Avatar
 
Join Date: Mar 2009
Posts: 34
OS: xp32



Re: Am I being monitored?

yup

ADD- and the only probable way of getting any straight answer is to befriend an IT guy where u work..
__________________
wicket is offline  
Old 03-14-2009, 12:44 PM   #11
Registered Member
 
Join Date: Mar 2009
Posts: 2
OS: Vista Ultimate x64



Quote:
Originally Posted by Fren Banklin View Post
I'm not so certain that all these assertions to the companies "rights" are legally accurate.

If you lease a cell-phone, does that mean the "owner" of the cell phone can monitor your phone calls ?

If you lease a house, can the owner videotape you while you are inside it ?

Can a rental car company videotape you while you are driving it ?

Can Gold's Gym videotape you while you are in one of "their" showers ?

This is not black & white, and I'd be willing to be that there is very little "black letter law" on these issues, given the difference in the rate of advancement between technology and case law.

While the ownership of the laptop may be important, the expectations of privacy on the part of the person it was issued to are also important. Please note the OP stated "personal and private" use, and not "professional" use.

This is the primary problem with "law & order" types, particularly in a technical environment such as this. We all like things digital, either on or off, working or not working. Life is not like that, and people are not like that, which is one big reason why the double-whammy of "law & order" types plus "technical" types makes them socially handicapped.

It's also a good arguement in favor of liberalism, for all it's flaws. Given their natural inclinations, a lot of this certain type of people would have our freedoms limited to only that which was afforded to the American Public 200 years ago, and would ignore the exponential advances in the means by which people inter-relate that have taken place since then.

The biggest problem is not so much the existance of these fascist-leaning personalities. They've always been a part of society, and in many circumstances they are quite useful. Limiting the level of their influence is what is necessary to preserve our freedoms. The first step is to assert the basic rights and freedoms in the new electronic universe that were fought for and died for in the "real" one.

The quote: "The tree of liberty must occasionally be watered by the blood of patriots." is still a critical part of the current human reality, only in this case that tree is made of silicon chips, and bears electronic fruits.
While I agree with you in principle, the sad fact is that this is not a law per se, but a series of precedents from lawsuits. I did a paper on this in college, and was pretty sickened by what I found out. In essence, if a company provides you equipment, they have every right to monitor how it is used. However, according to precedent, there should be a company policy that is in place that you would have had to agree to at some time or other. Government entities have purposely stayed away from this topic or passing laws because it can be so controversial (that's what they say, anyway). Personally, I think it's because so many of the corporations that use monitoring are contributing large amounts of money to political campaigns, but that is only my opinion. There is a limit to what they can monitor, but when it comes to a computer, they're allowed to monitor every single thing in it, including keystrokes, any personal information you have entered--including any websites or passwords that you have used--and there is no limit to ways of doing it. How they use this information is up to the company, and this is where it can get scary. What if you used the computer to check your bank balance? Do they have your login/password? Yes. Can they use it? No. But they have it, and anyone who has access to the monitoring programs had better have solid ethics... Is there a webcam on the computer? Think about it.

The best thing to do is never use company computers for anything that you don't want monitored.

Edit: Obviously I'm referring to US law and precedents, forgot to add that.
__________________
zooterboy is offline  
Old 03-15-2009, 12:36 AM   #12
Registered Member
 
Join Date: Mar 2009
Location: Perth, Australia
Posts: 24
OS: Depends on the PC :)


Send a message via ICQ to Geminii Send a message via AIM to Geminii Send a message via Yahoo to Geminii

The easiest way to get around the whole issue is to use company property for company-related activities, and personal property for personal activities.

In the fifteen years I've been using corporate computers for various things, I never logged on to any of my personal website, forum, bank or third-party accounts with them. This isn't because I distrusted the company; it was because I have seen so many accounts of company data being stolen, misused, lost, inappropriately duplicated etc. The web gateway admin may not steal my online ID or passwords, but what happens when the logs are accidentally 'temporarily' copied to a system which is then mislaid, depreciated, and sold at auction without being sufficiently wiped?

Put simply, I simply do not trust any bureaucracy-riddled corporate IT setup to be absolutely guaranteed to either safeguard/delete my personal data, or be able to keep my surfing/email records out of the hands of whichever next executive decides to go on a random witch hunt or look for a scapegoat for something two years down the track.

I also do not trust that the same disturbed executive or an overly-gung-ho sysadmin on the edge has not that week arranged for all corporate IT assets to actively spy on the employees. Such a scheme may collapse in days (or years), true, and the responsible people fired, but the data's still been collected.
__________________
Geminii is offline  
Old 03-15-2009, 06:48 AM   #13
Registered Member
 
Join Date: May 2008
Posts: 177
OS: XP / 2K3 / RHE / HP-UX



Fren Banklin: Much of what you're talking about is state regulated and not federal. I'm not a lawyer but my company has several which advise IT regularly. In the state of MA, once we have the initial Acceptable Use Policy signed, we don't need anything else. There is no 'expectation of privacy' which is clearly stated in the AUP. This includes the use of company-owned electronic equipment. in its facilities or on the phone. You can be monitored by the company without first being given notice. You'll also notice the terminology around electronic equipment. Its scope is nearly all encompassing.

Geminii The problems you describe can happen at any level in life --not just a business. It's clear you're fearful of being used as a scapegoat. However, everything else you speak to happens everywhere and not just in companies. How many used personal computers are sold? How many are stolen? How many were wiped using DoD standards? Hopefully you look to work for organizations that take this stuff seriously so you can mitigate much of what you're talking about.

I agree completely with your statement about how you use equipment in the workplace vs. home.
__________________
Tekmazter is offline  
Old 03-16-2009, 12:12 AM   #14
Registered Member
 
Join Date: Mar 2009
Location: Perth, Australia
Posts: 24
OS: Depends on the PC :)


Send a message via ICQ to Geminii Send a message via AIM to Geminii Send a message via Yahoo to Geminii

Tak: Eh, I've actually _been_ used as a scapegoat plenty of times in business. I've also seen people walked out the door for misusing company resources. It's simply a choice of security over momentary convenience. I've never run into a situation where I absolutely HAD to access something personal over the net during business hours. Even for banking, there's the phone - which is usually unmonitored.

If I super-desperately had to access something from work, I'd bring in a laptop and see if I could find an open public WAP. Or ask for a long lunch and hit an internet cafe.
__________________
Geminii is offline  
Old 03-16-2009, 08:29 AM   #15
gone
 
Fren Banklin's Avatar
 
Join Date: Nov 2008
Posts: 1,912
OS: gone



Okay, so lets assume that from this point forward in the evolution/development of humanity, "we" collectively will all be subject to constant, 24/7 surveillance by the "watchers". And with the cost of data storage falling so dramatically, the results of that watching will be saved for all eternity.

Who is watching the watchers ?
__________________
gone
Fren Banklin is offline  
Old 03-16-2009, 07:07 PM   #16
Registered Member
 
Join Date: May 2008
Posts: 177
OS: XP / 2K3 / RHE / HP-UX



Quote:
Originally Posted by Fren Banklin View Post
Okay, so lets assume that from this point forward in the evolution/development of humanity, "we" collectively will all be subject to constant, 24/7 surveillance by the "watchers". And with the cost of data storage falling so dramatically, the results of that watching will be saved for all eternity.

Who is watching the watchers ?


Who is watching the watchers?

It should go without saying that there are already federal guidelines around the conflict of interest which can occur in IT --specifically when it comes to SOX, SAS, and FISMA. Without getting into specifics, the watchers are also watched. Again ... there is no expectation of privacy. Of course small businesses are not going to have these levels of control. However it should also be understood that the sophistication of such shops is also generally smaller in terms of what it can monitor due to the ever increasing costs of IT.

Also, it would be rather dubious of an institution to not protect both its employees and itself by implementing data retention policies around such monitoring. Storage is cheap enough to save data for many years. However, e-discovery is HUGE when it comes to litigation and a company better think long and hard about what it plans to offer in terms of information before litigation begins. The more information an organization decides it will retain, the more responsibility it will have to ensure it provides everything during the said period of litigation. If it does not, or it goes outside the guidelines of its own policies and procedures, that very organization is liable.

To speak to Gemenii's point of being used as a scapegoat and to the overall thread starter ... It's more important now than ever that you understand what the policy is for the organization you work for. If you signed something during your initial hire, make sure you read it and you understood it. I cannot stress this enough.
__________________
Tekmazter is offline  
Old 03-17-2009, 12:11 AM   #17
Registered Member
 
Join Date: Mar 2009
Location: Perth, Australia
Posts: 24
OS: Depends on the PC :)


Send a message via ICQ to Geminii Send a message via AIM to Geminii Send a message via Yahoo to Geminii

Quote:
Originally Posted by Tekmazter View Post
To speak to Gemenii's point of being used as a scapegoat and to the overall thread starter ... It's more important now than ever that you understand what the policy is for the organization you work for. If you signed something during your initial hire, make sure you read it and you understood it. I cannot stress this enough.
Absolutely. There was at least one employer where I used to keep paper copies of the work policies and manuals on my desk simply because I got called on the carpet so often that the visitor's chair in the manager's office should have had my name on.

Every single time, I would beat the accuser over the head with the corporate HR rules, showing that I was most definitely in the right. A later verbal trick by another contractor working there led me to develop a little more verbal judo, such that I could often turn the tables and point out where the accuser had broken a number of rules of their own and start pushing for their own auditing, demotion, or dismissal.

After a few years, people stopped accusing me of things out of the blue, for some reason.

At least, the ones who were left.
__________________
Geminii is offline  
Old 03-17-2009, 06:09 AM   #18
gone
 
Fren Banklin's Avatar
 
Join Date: Nov 2008
Posts: 1,912
OS: gone



Quote:
Originally Posted by Geminii View Post
Absolutely. There was at least one employer where I used to keep paper copies of the work policies and manuals on my desk simply because I got called on the carpet so often that the visitor's chair in the manager's office should have had my name on.
It's c**p like that that caused me to become self-employed.

I LOVE my boss.
__________________
gone
Fren Banklin is offline  
Old 03-17-2009, 08:50 AM   #19
Moderator
- Microsoft Support
 
djaburg's Avatar
 
Join Date: May 2008
Location: San Diego, CA
Posts: 4,735
OS: XP SP3/Vista/7 Server 2K/2K3/2K8 Linux



Quote:
Originally Posted by servicetech View Post
I was issued a laptop by my company for personal and private use. There has beed a recent change in IT at my company. I want to know if I am being monitored outside of company hours using the laptop.
I understand that most IT departments monitor usage and that I am probably being monitored in some way, but HOW i am being monitored is the question I am concerned with.
After reading all of the arguments/discussions above, it appears to me that the biggest question in my mind was did you sign an acceptable use policy at any point and what is in the contents of that AUP? Although I keep hearing how people's rights are being violated by "the watchers" and their intrusive tactics, doesn't the company have the right to ensure that their resources (people and equipment) are being used for the purpose for which they've been employed? Don't they have the right to ensure their intellectual property is being protected? Don't they have the right to minimize their liability?

A wonderful case in point. I was called by a small business to diagnose an issue regarding their slowing internet connectivity. A quick scan of the network showed an excessive amount of traffic from two computers on their LAN. One was running Limewire and was sharing music and applications, then other was listening to an internet radio station all day.

First, without monitoring, the company is at substantial risk of violating the law in regards to illegally sharing files/music. So who's rights are being violated? The employee was extremely upset that her "right" to use the computer as she saw fit as long as her job was being done was being limited by "the man".

Second, the company is paying for internet access in order to do their job and not necessarily entertain themselves. A closer look revealed that the employee listening to internet radio also spent virtually all day on myspace and using IM. This person was counseled on appropriate computer use in the office. Again, the employee was appalled that his activities were being questioned and felt that he should be able to do what he wants on "his" computer.

That's where I think the company has every right to protect itself and its' investment in people and technology. Unfortunately, too many people adopt the attitude that their employer is blessed to have them and should do everything in their power to satisfy their needs, as opposed to being glad to have a job when so many talented people don't.
__________________


From time to time, we have been tempted to believe that society has become too complex to be managed by self-rule, that government by an elite group is superior to government for, by, and of the people. But if no one among us is capable of governing himself, then who among us has the capacity to govern someone else?
-Ronald Reagan, 1981 Inaugural Address-
djaburg is offline  
Old 03-17-2009, 09:55 PM   #20
gone
 
Fren Banklin's Avatar
 
Join Date: Nov 2008
Posts: 1,912
OS: gone



Quote:
Originally Posted by djaburg View Post
That's where I think the company has every right to protect itself and its' investment in people and technology. Unfortunately, too many people adopt the attitude that their employer is blessed to have them and should do everything in their power to satisfy their needs, as opposed to being glad to have a job when so many talented people don't.
Er, um no. They don't have EVERY right. They don't get to search your car as you leave the parking lot, on the chance you stole a company pencil.

While I agree for the most part with most of what was stated, the overall tone seems to encourage some odd notion that employers have some sort of power and/or authority.

All employment is a mutually agreed upon contract. There will always be nit-wits that do things like run LimeWire from the company computer. Rather than characterizing the focal point about the nitwit, how about the manager that failed to notice the loss of productivity ? How about the Human Resources person that hired them in the first place. If an employer is going to be afforded some much power, somehow given to them as an extension of their "rights", then let's also hold them to a commeasurate level of responsiblity for having all this power.

Further, in the case of the nitwit with the LimeWire, where was the Network administrator, and who was it that decided they didn't need one until they contracted-out someone to come in and find out that there was an entire host of problems, and why (given that) was the focal point only the nitwit ?

Easy to point the finger at the 20-something nitwit. Harder to hold his 40-something boss responsible for failing to notice his lack of productivity, and his 60-something year old boss for having hired them both, failed to put in place adequate internet security precautions, establish clear rules and guidelines regarding the use of company resources, and a system of checks and balances so that no one in the company can claim the have any "right" to fail to produce results for their income.

I figure, the more money you make, the more power you have, the greater the level of responsiblity you have, and also the greater the negative consequences when your failure as a manager are made obvious. And I always wonder about people that feel comfortable blaming the bottom rung, while ignoring the entirety of the cancer in the ladder above it.

During the stock market crash of 1929, there were people jumping from windows of skyscrapers. Today, AIG executives are trying to give themselves bonuses, when instead someone should be pushing them out those very same windows.

__________________
gone
Fren Banklin is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 11:40 AM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts