On Wed, 20 Sep 2000, mouss wrote:
Hi, there's more deviling to be done...
> >You could argue this. In many companies, the fact that firewall's can be
> >used to monitor employee internet access is one of their biggest selling
> >points. Employer's own the PCs, bandwidth, and even time that employees use
> >for surfing, so why call it 'spying?'
>
> This seems true, but imagine an employer trying to hire someone and saying "ok,
> I'll give you access to a PC, but don't forget it is _mine_, and you should
> only use
> it for the company eneift, and I am the one who decides what is good". I'm
> sure the guy
> goes for another company. In other words, while there are some "obvious"
> facts such as
> who owns what in a company, this is only true from a legal viewpoint. If my
> boss
> ever touches my PC, then he will hear about it: eventhough my PC belongs to
> the company,
> it is mine while I work for the company. This is not contradictory. The
> only reason someone
> in the company can use my PC is either they have a problem with me, and
> then they better
> be right there, or the guy asks for my authorization.
This is a dangerous precedent to set, especially in the US. Setting an
expectation of privacy makes all sorts of legitimate troubleshooting and
analysis potentially illegal.
> I have nothing against an employer claiming that one should use _his_
> resources the way he
> decides, but ten let him write a formal paper on the usage. Then believe
> me, I won't take any initiative,
> I'll follow the paper. Clearly, this is not what an employer wants.
Well, perhaps people with that attitude aren't what an employer wants- it
always bodes well to consider the opposite side. I'm sure that a good
segment of the workforce would flock to a company where they didn't have
to show up for 3 out of every 4 weeks as well, that doesn't mean it's a
good business choice or that it's something companies should go implement
(as much as we'd all like that!)
> >Is it spying to monitor my home with
> >an electronic surveillance system, or cameras in order to catch someone who
> >breaks in? If not, then how is it anymore spying to monitor usage of my
> >resources to ensure no one is abusing them?
>
> if you set up a camera to watch what yur wife does at home, then this is a
> sort of
> spying and is not good. In other words, if you don't have confidence in people
> you live/work with, then there is a problem anyway.
This isn't necessarily true, there's an old security addage "Trust but
verify" which has held itself in good stead over the years. The reason
that major spy cases happen is that the trust boundary is too
impermeable.
> Also, as I said above, these are not _your_ resources. You gave them to
> your employees
> to make you earn money. Giving them the freedom to use the resources
> make'em feel
> better, and probaby more productive, which is exactly what you want. do
> they watch porn?
> so what? I prefer to have people who watch porn and are efficient over
> those who are "normal"
> but produce nothing.
Obviously .fr has different liability laws than .us. How would you feel
if your fiancee/mother/spouse/significant other had to deal with a
co-worker physically making themselves "feel better" while viewing porn
in the office?
> > In corporations where proposals
> >are sent by email, and web access can be business critical, is it wrong to
> >keep users from downloading MP3s and surfing for porn while other, business
> >critical traffic, is forced to queue up or time our entirely?
>
> This argument is almost reasonable. However, let's just take email. This is
> a forward
> and store protocol. In other words, it is difficult to say when the message
> will arive since
> it depends on the config of all the relays between the systems (this is not
> a stupid choice,
Ah, but resource utilization by e-mail has nothing to do with that. When
you have >20,000 users and 30% of your traffic is "joke lists", "dancing
baby programs" and things like that, the company shouldn't have to pick up
the extra disk space, bandwidth and loss in productivity should it?
> it is reasonable: you don't wanna deliver messages when you receive them,
> but on a periodic
> basis). Let's now tae the web. seen how long it takes to download pages?
> This is primarily
> because there are too much users compared to the lines ISPs have installed.
Or there is too much invalid usage by employees who should be doing their
jobs instead of {Wedding planning, car buying, stock trading,
porn-surfing...}
> In other words,
> the problem is that the available resources are inadequate, and not because
> of users but because
> of financial decisions by ISPs and by companies. Believe me or not, I have
For the set of companies that I've seen bandwidth and latency problems,
it's been related to "inappropriate or recreational usage of network
resources" 99.99999% of the time (a single problem with a provider's ATM
backbone in the years I've been doing this.)
> less problems connecting
> to the net from home than from my office (though the company pays the high
> price!), just because the
> office is conected to a very used network.
>
> But let's imagine you're right. Then it is a question of priority. Why
> would I not surf just to let the sals director
> get his email/web pages qucikly? Is his work more important? How can one
> says if my surfin is good or not?
In >80% of the cases it's pretty easy, a grep through the proxy logs makes
it pretty obvious who's doing real work and who's running a mail order
business from their desk, or executing stock trades all day.
> After all, all I've learned comes primarily from publicly available network
> resources. How much would a boss
> pay for all that stuff if it was not available on the network?
Some of this should fall under acceptable use, as far as self-education
time is budgeted. How much work didn't get done while you were satisfying
your curiosity is probably astounding though ;)
> >This is an educational issue. It's important to inform people about how to
> >read reports.
>
> Here I fully disagree. Educational issues are the one to stay unsolved, if
> nt for eternity,
> then for very long. Yo can tell them what you want, there are things that
> you can't change
> in people behaviour. I hear'em say "Don't repeat it, it's a secret, but
> you're my friends so I'll
> tel you: Bob porn-surfed yesterday" (I'm proud of my "porn-surfed" word!).
> Also, when you
> know something, you can't act as if you don't. The day the guy infuriates
> you for some reason,
> you'll find it hard not to repeat what you know.
Fighting is a "natural behaviour," as is flirting, cheating, stealing and
a host of other things that aren't appropriate for a work environment.
Lines must be drawn somewhere.
> >This is true, but somewhat akin to saying that people will waste time, so
> >why try to stop them. Besides, I think the concern is not so much users
> >wasting time as it is the fact that they're wasting resources. Those
> >resources could be helping someone else who is working and bringing in
> >business to the company actively.
>
> Right, but if it is a resource sharing proble, then "active" control is not
> necessary.
> react when your connection is bad because of "free surfing". Then if you
> have reasonabl people at the office, you'll come to a peaceful solution. If
> you have egoist people, then no solution is good, it'll be the jungle law:
> those who
> have the power will have the connectivity.
This is not a good way to engineer networks or companies. By the time you
let something become acceptable enough to be a problem you'll never stop
it without firings or formal issues with otherwise good employees.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
