I recently asked a question in a Tek-Tips programming forum and received a thought-provoking reply. I am repeating the unedited posts to allow all members a chance to evaluate the discussion and share their thoughts.
Please excuse the length and the slightly technical content. I believe there are some important issues here. If your company hasn't already been forced to address them, I believe it probably will in the near future.
Alt255 (Programmer)
I don't ask a lot of questions in the VB forums but this one has me pretty stumped. Please excuse the rather long background introduction but I feel disposed to explain why I require certain information. Some of you might think that what I am trying to accomplish is quite despicable.
Every few days the IT administrator will poke his head in my office and say, "There's some pretty heavy network traffic in this corner of the world. What are you doing?" Naturally, I always have a legitimate excuse for transferring several hundred megabytes or having a dozen browser windows open at the same time, but it occurred to me that not all of our users would be so quick to formulate a good "reason". IT should be able to see what is occurring on any given workstation without having to walk to an office and look at a monitor.
The solution occurred to me last week, under some rather unusual circumstances. Our Safety Director had been laid off on Thursday but he came to work on Friday and then Monday. He appeared to be in a bad state of denial and I assume no one had the guts to say, "Look. You don't work here anymore. Go home and get some rest!" (It was learned later that he just wanted to "tie up some loose ends" and make sure Human Resources understood the system he had created. What a guy!)
Monday morning the IT manager passed by my office walking a little faster than usual. I heard him mutter, “He’s surfing hot and heavy….” I knew exactly whom he was talking about. I never saw our former safety director again.
That’s when the thought struck me. I had been writing a custom browser to allow controlled access to the company Intranet and the select few who were allowed that privilege). One of the browser’s “features” allows it, under certain circumstances, to take a screen capture. It took me about ten minutes to pull some of the code into another application and install it on one of the computers in my office. Then it took about three minutes to write a small program and run it on my main machine.
I called the IT manager into my office and pointed toward both monitors. “See anything unusual?”
“No. So you copied the wallpaper off of this computer… So what?”
I had him open a window on the first computer and then look at my monitor. He was viewing an exact mirror image.
After I assured him that I hadn’t installed PCanywhere, he played around a bit, looking back and forth at the two monitors. Finally, he said, “I like it. I like it a lot! How did you do that?”
At first I patted my own back, pretending to be the world’s greatest genius (he knows me and knows better), but then I had to admit to the truth. The first computer was running a hidden program that simply enumerated the open windows. When the number of windows changed, it captured the current screen and wrote it to a bitmap on a mapped drive. The other computer was running a simple program that used a timer control to periodically load the bitmap into a picture control.
I could see the gears turning and it didn’t take him long to realize the potential. We both agreed that it wouldn’t be a great idea to save the screen every time a window was opened (it could affect a system’s performance) or refresh the remote view based on an arbitrary timer value (it could bog down the network in no time) or use a mapped drive to store the bitmaps (it could introduce security concerns). We both agreed that it was a killer idea that only needs a few tweaks. We envisioned a form filled with thumbnails representing the computers on a domain of the network. Click one and the monitoring app would send a query for a new screen capture to the app on the workstation, load the bitmap and show the capture in a full-screen view.
Both of us had heard of software capable of doing the same but he had already researched the subject and concluded that the company would never be willing to pay for it. Perhaps that is why he was so excited to see me performing this relatively simple trick.
My problem is that, aside from querying a workstation by writing a file to its hard drive and asking it to save a bitmap to a mapped drive on the network, I really don’t have a clue as to how I can do this. There must be a much faster and more efficient way to do this using TCP/IP.
The network is simple but fast, Microsoft Networking, no frills. The Server on the “troublesome” domain runs NT Server SP5; the workstations are mostly Pentium class running Win9x (various editions) with one running NT WS. The programmer is running VB6 Pro on a Frankenstein collection of hardware.
If anybody can help this simple code-jockey enter the fascinating world of network programming, ASAP, please respond.
A plain black box
Don't sit down. It's time to dig another one.
SteveMeier (Programmer)
After reading this thread I had several mixed emotions about what was being attempted here. My gut instinct was to just bite my tongue. However, I feel compelled to share my thoughts. While this might not be a technical response to the original question, I feel that it deserves equal air-time.
The original author stated:
"IT should be able to see what is occurring on any given workstation without having to walk to an office and look at a monitor"
This brings up a question of ethics. The first thing I thought of was George Orwell's 1984 book and Big Brother. My question is "Why should IT be able to see what's occurring on any given workstation?". What gives this group the authority to observe others' working environments? Is this not an invasion of privacy?
It was also stated in the original post that:
"Every few days the IT administrator will poke his head in my office and say, "There's some pretty heavy network traffic in this corner of the world. What are you doing?""
Is this not the proper way to conduct business in a professional manner?
It also mentioned that something was mentioned about:
"He’s surfing hot and heavy…"
Was this information not obtained through OTHER means, other than watching what was going on, on the user's machine? While probably not actually SEEING what the user was doing, there was probably enough evidence through Proxy or firewall logs based on IP addresses, machine names, DNS servers and site names and addresses to prove a case.
Should the people that work at clothing stores have the right to view others as they change in the dressing room to help protect themselves against theft? Should Microsoft be able to scan your computer for installed programs and use this information against a database to determine if you are a software pirate? What about tapped phone lines, bugged rooms or offices or hidden cameras? Is this not all an invasion of privacy?
Should IT be able to see the payroll sheets from accounting? Would it make you feel better if you knew that the guy you're training is making $15,000 more than you and doesn't have half your knowledge? Should IT be able to view information on the President's or CFO's machine to get hot stock tips? As an IT person, are we now going to be making decisions for other departments telling them how to do their jobs? Sure we might know that Sally is getting canned on Friday, but she's a good friend of ours, do we tell her before she gets the news from the company? As humans, will we be able to separate our personal feelings from our work based on the information that might be obtained through such a tool? Which one will take precedence?
How should we feel if our lines at work are tapped, personal work email monitored as well as our Internet usage monitored?
Standard policy is that if you are speaking on a recorded line, both parties must be aware of it. The original post made no mention of the end user being made aware of the program running, so I won't make any assumptions here.
I work in the IT department, but that doesn't give me the right to know what you're doing on your machine. I feel there are other ethical ways around monitoring network traffic. The use of a firewall can tell a lot about what sites users are hitting, without actually seeing the screen. I feel what is being proposed here is the equivalent of your boss standing over you for 8 hrs a day watching you open every program or window on your machine. Think about how you would feel if this situation was imposed on you (no one specific, just whoever happens to read this). Would you like it? Would you fight it? Would you sue the company for not telling you about it? Would you leave your job? What if all jobs were like this?
What about the jokes that your neighbor sends you or the adult internet companies that scan your posts in the legitimate news groups and send you advertisements in email requesting you visit their site? Obviously you have no idea who these people are, but try to explain that to HR when you get your pink slip. Then when you sue the company they bring out the screen shots and prove that you were engaging in unapproved work ethics. Now you're an innocent party that is charged as guilty. Remember, a picture is worth a thousand words and the words used in conjunction with the picture can have varying effects on different people.
So my questions are: Is this something that we really want to pursue? How will it be managed? How will or could it be abused? What type of effect will it have on the company both short term and long term? What about short or long term effects on the employees?
I'm asking you to really think about this before implementing such a program. A program such as this has the ability to do a lot of irreversible damage in a short amount of time.
Just my two cents.
Disclaimer: This post is not directed at any specific individual or group of individuals or any company or group of companies. It is solely intended for conversational purposes only.
Steve
tribesaddict@swbell.net
Legal issues aside, under what conditions (if any) can we justify the monitoring of user activities? Does IT have the moral right and responsibility to keep an eye on the employees?
Alt255