
Firewall Avoidance for Weapons Block?

MaverickNH

A new company firewall blocks most anything with guns/firearms. Are there any aliasing sites, or something of that sort, that can be used to get around this problem?

We make cosmetic surgery products, and as you might imagine, the standard firewall package blocks almost all human parts we "service" - it even blocks our company site.

One-size-fits-all stupidity ...
 
I might consider not trying to bypass any restrictions they choose to put on you. Not out of respect but out of a sense of self preservation. Auditing and filtering go hand in hand. It's never been an issue for me.
 
I just had a new firewall installed at work. The co that installed it worked with me setting it up. They wanted to know what I wanted blocked.. I told them nothing. We haven't had a problem with the 100 computers yet, so no need to block stuff yet.

There is a setting to also block, 'spoofing' sites. (those that try to make you anonymous)

So even if you use one, it might not work.
 
Have the same problems at work, except their filter is context sensitive and can even work with proxies. When I want to go onto any of these websites I use a USB tether to my cellphone. You do need a decent data plan though.
 
Alternatively,
You can use Google cache. The downside is you won't get latest topics, but it's perfect for browsing historical posts.
 
Use a remote terminal program like PcAnywhere or VNC or whatnot. Just log
into a machine that's at home, and you can run a browser through the
remote. The only tailings it will leave behind is the open connection
on the ports it uses, assuming that the firewall isn't so aggressive that it
blocks everything. If you use an encrypted protocol of some sort, even
a primitive one, it will obscure most primitive means of traffic analysis.

Of course, depending on how hard-core your company's AUP is, and whether
or not they enforce it, you obviously want to be mindful of that. A lot of
these "websense" or other filtering things are half assed affairs which are
forced upon a given company by the corporate mothership and not really
monitored. You have to know what you're dealing with in that regard
first... if the people mandating it are fully enabled communists, you're
screwed six ways to sunday, and it's not worth bypassing them, unless you
have another job lined up.

Also, +1 to the Verizon EVDO thing... if you have a laptop and can afford it, that's a pretty good
undetectable end around attack. While they might whine at you for "misusing time" they can't say
you're compromising their network in any way.

-Mike
 
Also, +1 to the Verizon EVDO thing... if you have a laptop and can afford it, that's a pretty good undetectable end around attack. While they might whine at you for "misusing time" they can't say you're compromising their network in any way.
Honestly, that is horribly horribly wrong and plain laughable. You are potentially circumventing all of the security your corporation has put in place. Using tools like Websense doesn't make your company a nanny state, sure it could be viewed as a means to enforce the corporate culture and political views but really they are paying you to perform a task other than surfing the web so it is not only their right but potentially a regulatory/due diligence requirement. If you have to ask people how to circumvent the controls that your corporation has put in place to protect their information and assets you are the worst threat to that corporation's information security and integrity. But you all will be the first ones bitching when your non-public information is compromised in some form of a breach.

EDIT: I am horrified to see that your profile indicates you are a network admin. If you truly think that this activity wouldn't compromise your network I have a few links I will send you to click on while at work tethered to a mobile device.
 
Honestly, that is horribly horribly wrong and plain laughable. You are potentially circumventing all of the security your corporation has put in place.

Not if you have your own machine and you keep work "off the
laptop". (eg, never had connected to their network in any way,
no wireless (other than the cell modem) no cached passwords, nothing.)

I don't see the risk, unless the person that's doing it is deliberately
using the computer to steal internal data. And hell, if they wanted to
do that, they could just use a USB key instead. (course at that point
the security problem is more human than computer based!)

Using tools like Websense doesn't make your company a nanny state,

I beg to differ- instead of installing software to monitor people's
use they should just go back to the old method... which was firing
people that don't produce. People seeking software solutions to
human "problems" is almost always an abject failure. I've never seen
the benefit of content filtering, except for trying to nanny people who
shouldn't be working at a given company to begin with.

sure it could be viewed as a means to enforce the corporate culture and political views but really they are paying you to perform a task other than surfing the web so it is not only their right but potentially a regulatory/due diligence requirement.

Indeed some requirements are by regulation but more often than not
I see content based filtering systems put in place as a matter of corporate
politics and lawyerism. They're not "real security" in any sense. A firewall,
IDS, bandwidth monitoring.... is one thing... but content filtering is usually just plain
obnoxious. Sometimes the filtering even conflicts with existing corporate policy...
eg, a policy may allow for "personal internet use" but then they decide that mary
hairnet buying wigs is acceptable but that some guy browsing a gun board is not..... [rolleyes]

Further, the vast majority of filtering is not installed as a result of
something like, government banking regulations, etc. It's installed because
some PHB thought it would be a good idea to apply a software bandaid
to a human problem, or decided to buy it to suck up the remainder of a
budget allocation.

You missed the part, apparently, where I laced a few disclaimers into
my post, for precisely the reasons you're talking about. Obviously in
some situations doing -anything- to circumvent security would be
unsuitable. People have to use their own discretion and judgement when
it comes to these things. Obviously if the cards aren't in your favor
then you could be fired, have your career ruined, etc. Circumvention is
not acceptable for everyone, I will agree with that. (And in some rare
cases, not adhering to policy can result in criminal charges, but that's doubtful
99.9% of the time, unless you work for the government or a tightly regulated
entity. )

If you have to ask people how to circumvent the controls that your corporation has put in place to protect their information and assets you are the worst threat to that corporation's information security and integrity. But you all will be the first ones bitching when your non-public information is compromised in some form of a breach.

Yes, so installing software that blocks a gun board while allowing phishing
sites that don't have "offensive" keywords in them.... yes... everyone will be
saved at that point. [rolleyes]

EDIT: I am horrified to see that your profile indicates you are a network admin.

Where was the oath about having to agree to crap technology like
content filtering and poorly written process automation software?
I must've missed that memo. There are some things I oppose on
principle, and if it means that the customer has to use a different vendor
then so be it. There's plenty of other work to be done in computing that
doesn't involve dealing with worthless technology. Yes, opposing
crapware is such an irresponsible concept! There will be wailing and gnashing of teeth if
software like "elrond internet manager" didn't exist.... "oh, how did we get
along without it?" [laugh]


If you truly think that this activity wouldn't compromise your network I have a few links I will send you to click on while at work tethered to a mobile device.

I'd love to see someone pull that off.... jump from a laptop that's not connected to a
corporate network in any way shape or form, and have the screen summon an ethereal
fairy which would then pull information out of the air through that compromised machine.
You should call up the NSA- I'm sure they'd love to give you a 6/7 figure job if you have
software that can defeat an entire physical layer of separation. (Note, I'm not doubting the
efficacy of a local root exploit, but making a machine connect to a network
by a network link that doesn't exist would be pretty difficult. )

Edit: Just to be perfectly clear here- A company can make any policy it pleases WRT internet
use, etc. It's their right to do so.... Doesn't mean I necessarily will agree with it, especially
if the policy is misguided and benefits other companies that produce worthless crapware. IMO buying
that stuff is worse than having a policy, as it basically rewards individuals for producing utterly
worthless crap.


-Mike
 