1. #1
    hamba's Avatar
    Join Date
    May 2005
    Location
    Down Here
    Posts
    8,704
    DW Cash
    38
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Mentioned
    13 Post(s)
    Tagged
    0 Thread(s)

    Protecting your Facebook privacy at work isn't just about passwords

    Protecting your Facebook privacy at work isn't just about passwords

    If your employer gets to control the software on your computer it could be snooping on you at all times



    Facebook users need to be protected from employer snooping. Photograph: Yannis Behrakis/Reuters



    Facebook has threatened to sue companies that force their employees to reveal their Facebook login details. As laudable as this is, I worry that it will fail to accomplish its primary objective protecting Facebook users from employer snooping.


    Increasingly, firms configure the computers and devices on their internal networks to trust "self-signed certificates". These cryptographic certificates are the same files used by your browser to establish secure, eavesdropping-proof connections to websites and to validate software updates, and to generally validate the identity of remote machines and guard the files they send you from tampering and spying.


    Firms have legitimate (ish) reasons to install these certificates. Many firms treat the names of the machines on their internal networks as proprietary information (eg accounting.sydney.australia.company.com), but still want to use certificates to protect their users' connections to those machines. So rather than paying for certificates from one of the hundreds of certificate authorities trusted by default in our browsers which would entail disclosing their servers' names they use self-signed certificates to protect those connections.


    But the presence of your employer's self-signed certificate in your computers' list of trusted certs means that your employer can (nearly) undetectably impersonate all the computers on the internet, tricking your browser into thinking that it has a secure connection to your bank, Facebook, or Gmail, all the while eavesdropping on your connection.


    Many big firms use "lawful interception" appliances that monitor all employee communications, including logins to banks, health providers, family members, and other personal sites. Even firms that don't require self-signed certificates in their employees' computers may use keyloggers, screenloggers, and other spying tools to watch what you do and capture your passwords. If your employer, school or institution gets to control the software on your computer, you can't know that it's not snooping on you at all times. Just ask the kids in the Lower Merion School District, whose school-issued laptops were loaded with software that let school administrators covertly watch students at home and at school through the computers' webcams.

    Some may argue that employees who don't want to be spied upon should not use company premises for personal business. There's a grain of truth to this, but it's a small grain. After all, America is "the land of the 55-hour work-week", where personal time to conduct personal business is most often found in snatches between work at your employer's premises.


    Besides, there are plenty of contexts in which "company property" would not excuse this level of snooping. If you met your spouse on your lunchbreak to discuss a private medical matter in the break room or car park, you would probably expect that your employer wouldn't use a hidden microphone to listen in on the conversation even though you were "on company property". Why should your employer get to snoop on your private webmail conversations with your spouse during your lunch-break?


    This was what I was getting at in my essay What's Inside the Box?: if we totalise property and elevate it above human rights, privacy and dignity, we end up in a situation where many of the devices in our lives, from the thermostats that have the power to freeze us or cook us, to the lease-purchase prostheses that let us live our lives, to the contract-subsidised mobile phones that have the power to watch our every move and record our every breath, are all designed to lock us out from controlling them or even knowing what they're doing.



    Cory Doctorow
    guardian.co.uk, Tuesday 27 March 2012 16.45 BST
    2012 Guardian News and Media Limited or its affiliated companies. All rights reserved.
    Protecting your Facebook privacy at work isn't just about passwords | Technology | guardian.co.uk


    Peace is not the absence of war; it is a virtue; a state of mind; a disposition for benevolence; confidence; and justice.

    Spinoza.



  2. #2
    ellie1998's Avatar
    Join Date
    May 2005
    Location
    here
    Posts
    5,744
    DW Cash
    25
    Post Thanks / Like
    Downloads
    6
    Uploads
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Protecting your Facebook privacy at work isn't just about passwords

    I wouldn't be silly enough to use a works computer for anything private.

  3. #3
    wenglishboy's Avatar
    Join Date
    Jun 2005
    Location
    a pigsty
    Posts
    838
    DW Cash
    40
    Post Thanks / Like
    Blog Entries
    5
    Downloads
    2
    Uploads
    0
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)

    Re: Protecting your Facebook privacy at work isn't just about passwords

    I suppose it goes without saying that this would be the same for wi-fi access provided by workplace as well as those like mucky d's etc. If you use the service they are providing for free, then I guess they can use what ever info they can capture on these networks. I only ask because my work have recently setup a free wi-fi access and I am asking the question why, when if your at work your supposed to be working. Surely they are not dumb enough to believe that workers will only use it at break times etc. Perhaps it would also be cause for disiplinary procedures at a guess. Unions and the general working public need to be made aware of issues surrounding the offer of free wi-fi and general Inet access at work. The number one age old rule that apply's here I think is...."NOTHING COMES FOR FREE IN THIS WORLD."
    WENGLISH BOY
    I might talk a lot of B@LL@X But at least I have the B@LL@X to say what I mean.

  4. #4
    sticky's Avatar
    Join Date
    Oct 2004
    Location
    The West Midlands
    Posts
    1,792
    DW Cash
    54
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)

    Re: Protecting your Facebook privacy at work isn't just about passwords

    Ban Facebook it's crap lol

  5. #5
    Him Her's Avatar
    Join Date
    Dec 2011
    Location
    North Yorkshire
    Posts
    6,685
    DW Cash
    799
    Post Thanks / Like
    Downloads
    2
    Uploads
    2
    Mentioned
    60 Post(s)
    Tagged
    0 Thread(s)

    Re: Protecting your Facebook privacy at work isn't just about passwords

    Quote Originally Posted by sticky fingers View Post
    Ban Facebook it's crap lol
    But FB mops up the people I don't want to talk to???

    It's social service lol

  6. #6
    sticky's Avatar
    Join Date
    Oct 2004
    Location
    The West Midlands
    Posts
    1,792
    DW Cash
    54
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)

    Re: Protecting your Facebook privacy at work isn't just about passwords

    Better not try and add me as friend lol



Similar Threads

  1. Replies: 3
    Last Post: 13th January 2010, 13:29
  2. Facebook privacy change angers campaigners
    By hamba in forum Main site news
    Replies: 10
    Last Post: 15th December 2009, 20:02
  3. Facebook forced to tighten up privacy rules
    By hamba in forum Main site news
    Replies: 0
    Last Post: 28th August 2009, 11:46
  4. Facebook U-turn on privacy changes
    By hamba in forum Main site news
    Replies: 2
    Last Post: 19th February 2009, 16:59
  5. Facebook faces privacy questions
    By hamba in forum Main site news
    Replies: 0
    Last Post: 19th January 2008, 01:17

User Tag List

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in