How to hide your tracks at work
We all spend some of our time at work doing things that have nothing to do with our job. We surf the Web. We play games. Sure, we all need our downtime, and the enlightened manager knows that. But still, we'd rather just surf in private than deal with the raised eyebrows.
That's why we need ways to ensure that when our boss surprises us or sneaks up behind us, she'll think that we're actually working. Here's a list of apps and services that help.
Camouflaged Web services
1Cup1Coffee makes a list of games look like Windows Explorer.
(Credit: Don Reisinger/CNET)SpreadTweet If you're a Twitter fanatic, try SpreadTweet. The software hides your Twitter stream in what looks like an Excel window. It displays everything in plain text to make it look like a real spreadsheet. It's sure to fool any boss.
1cup1coffee 1cup1coffee looks like a Windows Explorer pane (so don't use it on a Mac), but all those Word documents and Powerpoint presentations are actually a collection of Flash games. Simply click on one of the "files" and you can play a game in what looks like your Windows Explorer window. If you hear your boss, you can hit the back button and you'll be brought back to the file listing.
Stealth tips
Anonymizer If you don't want the IT folks to know what you're up to, spend $30 and get Anonymizer. The software redirects your Web traffic through its servers to not only safeguard your IP from outside sources, but also to get your employer's IT people off your trail.
C.H.I.M.P. lets you see behind you.
(Credit: ThinkGeek)C.H.I.M.P. Rearview Monitor Mirror While playing a game or doing something you shouldn't, just glance up at the C.H.I.M.P. Rearview Monitor Mirror to see if your boss is approaching from behind. The mirror won't hide what you're doing, but it will give you some time to switch to something more appropriate. And in case you're wondering, C.H.I.M.P. stands for Chimp Has Invincible Monkey Powers. Yeah, I don't get it either. But it is worth the $6.99 price tag.
Don's Boss Page Don's Boss Page (no relation) is full of great boss trickery. If you want to aimlessly browse the Web, but make it sound like you're working, you can keep clicking the site's keyboard audio clips to make others think you're typing.
Quick tip: Resize your windows When I was an accountant, I used Outlook. To make everyone think I was so engrossed in my e-mail, I resized Firefox to fit perfectly in the Outlook preview pane. Anyone who walked by thought I was just reading an e-mail. If they ever got too close, I'd switch to another message. It worked beautifully.
Panic switches
Don't Panic 1.2 If you don't want to get busted by the boss, try installing Don't Panic 1.2 onto your Windows machine. The software will allow you to minimize multiple windows at the same time. You can also maximize multiple windows simultaneously to ensure your boss will be happy when they walk by.
Or just use keyboard shortcuts Brush up on your knowledge of keyboard shortcuts. Whenever you hear someone coming, you can quickly drop a few keys and you'll immediately look like you're working.
Abort! Abort!
(Credit: Firebox.com)StealthSwitch You'll have to pay $40 to get it, but StealthSwitch is worth the price -- until your boss finds it. Once connected to your computer via USB, StealthSwitch sits on the floor. While playing a game or doing something you shouldn't at work, you can quickly tap the StealthSwitch when you hear your boss approaching. It immediately makes the current window invisible and brings you back to a window that's related to your work. Once your boss walks away, you can tap the StealthSwitch again to get back to your game. The $25 USB Panic Button is similar, if you're quicker with your hands than your mouse and don't mind a garish missile-launch control button sitting on your desk. Simply push the plastic covering up, press the red button, and the tool will automatically change the screen on your computer to a spreadsheet, your favorite picture, your company's Web site, or anything else you set it to switch to.
Don Reisinger is a technology columnist who has written about everything from HDTVs to computers to Flowbee Haircut Systems. Don is a member of the CNET Blog Network, and posts at The Digital Home. He is not an employee of CNET. Disclosure.
America, F**K Yeah
"While you are surfing using InPrivate Browsing, Internet Explorer stores some information?such as cookies and temporary Internet files?so that the webpages you visit will work correctly. However, at the end of your InPrivate Browsing session, this information is discarded."
Webpage History and numerous other things are also not stored.
With that said, you would be fooling yourself to rely on ANY cleanup, masking, or 'track masking' tools or activities that run locally.
In practice, though, this kind of evidence-gathering is probably used mostly as an excuse to dump employees that the boss has already decided to get rid of anyway -- for being too old, or not kissing up enough (aka "poor attitude"), or because there's someone else he wants to hire for your position, or whatever. So if you concentrate on your apple-polishing and kissing-up skills, you probably can play whatever games you want at work without worrying about any of these tips.
The irony is that the boss you're trying to dodge, when he's not prowling around trying to catch unauthorized employee behavior, is probably cruising eBay for bargains on golf clubs or checking out additions to his home-theater setup. But no, it won't do you any good to point that out at your disciplinary review...
[Posted from home, obviously!]
First off, those of us in IT have neither the time nor the resources to waste on constantly eyeballing a user's every keystroke. Doing so also tends to make everyone hate the IT department, which we really don't want. At the same time, we do have to make sure that we do what we can to prevent folks from doing anything obviously stupid (like, oh, surfing pr0n and the like).
So, here's what usually happens. First, everyone goes through a proxy. The proxy requires a logon (and usually integrates with the user's network logon, so it's all nice and transparent to the user, but we still know who goes where). The proxy also blocks the more obvious sites. Then, we plow through the proxy logs for keywords and for sites that tends to stand out (you know, like "addictinggames", or "myspace"). We look for files that get passed through. If anything suspicious stands out, we'll investigate it. Otherwise, we don't give a damn.
We figure that --barring illegal or pornographic behavior-- it's up to the department heads to deal with infractions as they see fit, and not ours. We only provide the tools to help 'em do it.
Installation of unapproved hardware and software is strictly prohibited in my workplace. A combination of group policy restrictions, software inventory and full-system monitoring is used on all PCs, so it is literally impossible to successfully perform any of the actions that are suggested in this article without it being logged or, in the case of an attempt to connect a usb device or install software, trigger an automated alert to IT and the employee's manager. For example, if a user even attempts to plug their iPod in to their PC to simply charge it, their manager and IT is notified. All keystrokes are logged, all screens are captured for 90 days, and special monitoring modules separate all popular email systems (traditional and web-based), IM and social site activity into easily organized logs. If you post a status update to facebook or tweet, it is logged and optionally copied to their manager or IT.
The point: don't use company equipment to do personal stuff. Instead, buy an iPhone, G1 or a Blackberry and do it at your own expense.
Let me clue you into the real world... outside of obvious IP issues (which are easy to restrict w/o Big Brother), we assume that our users are adults. We only monitor what they do with the Internet.
Instead of wasting terabytes of disk space and mountains of FTE time, we use a cheaper and easier solution. It involves using short cubicles that allow your co-workers to instantly see everything that you see on your screen. HR has their room and area, A/R and A/P has theirs, Sales has theirs, PR and Marketing has theirs, etc. We control who can go into which areas, but within those areas the world is wide open to everyone in it. The CEO is the only human being in the joint who gets a private closed-off room to himself. Executives have their individual offices, but those have huge windows where anyone passing by can see in.
Hell, even in IT, three of my colleagues can see my screen, and I can see theirs.
Most folks would resent such a setup, but I actually love it - it allows me to chat with them directly, and I can share my screen visually w/ them when pointing something out. It also gives us a tight-knit sense of teamwork.
...wanna surf games or pr0n under those conditions? Go ahead - I dare you.
next all web browsing is done through a proxy server. The network firewall is configured to only allow web traffic from the proxy. So even with IE8's inPrivate Browsing or all the other little tricks here, you;re not getting internet access unless you go through the proxy, which logs EVERYTHING from EVERY USER! even if you use an annonymous proxy on the internet, you;re still accessing it through the corporate proxy so we still capture everything. not to mention our proxy/web security appliance blocks all those sites anyway.
maybe these tips may work in a small office. But if you work at a Bank, TelCo, or other major business i wouldn;t try it. you may find out the hard way that all that is offered here is a lot of bad advise.
There are a lot of people who would appreciate having employment and happy to WORK,
It nauseates me that you have the mentality that it is accptable to disregard your JOB.
It is called WORK for a reason. There are many people that would appreciate the opportunity to pprovide your employer with what he is paying for.
I don't appreciate your referrence to WE ALL play that crap either so speak for your unethical slacker self,
But what do I do when I walk in on my boss' boss who was, as someone joked, actually browsing Ebay for golf clubs. Oh, that's right, the Big Boss Knows-All and What's-Best and so I should have flogged myself out of nausea for questioning my employer. Sir, as soon as I send this I will go don a Hair Shirt for the rest of my work day.
BTW, I assume you're reading this and writing YOUR REPLY on your own computer on your own time, right?
No wonder corporate networks are often as easy to penetrate as your average morons private networks at home.
Heh.
And to Mr. Glaven123 - uh, are you an engineer? All those sites are not just job-related, they're *necessary* for certain jobs, and *only* available on the Internet.
Why do I think almost all these replies are from retired grumpy old men who think anyone younger than themselves has never worked hard or lived through tough times, or IT ego-maniacs who think because they can try to find something in a log file somewhere, they're doing their job - rather than setting up my new PC in less than two weeks?
I really can't believe how pathetic and uneducated most of these replies are. Including my own.
Where I work, we don't spy on our employees. We pay them for the actual work they get done, not the time they spend doing it.
We tell them what they need to get done and when it needs to be done. They tell us what they need to achieve that, and we provide it. Then they get it done.
If they get the job done we don't care what they do at the office, or how much time they spend there.
Treating our employees like that has kept us in profit every single year since 1997.
When computers are locked down so users don?t blow them up I can spend my time on major projects; such as exchange server migrations or SQL farm deployments. This is opposed to time spent uninstalling the weather bug from an end user's computer. Such cases only reduce my effectiveness, productivity and don?t give my company a good return on their IT dollars.
Companies that don?t lock down there computers and allow unrestricted access to their users spend much more money on IT than those that do. That is an indisputable fact.
Not to mention that study after study shows that 40% of all internet traffic at the typical workplace isn?t work related. Not only is that money out the window in lost productivity as employees waste company time for which they are paid, it?s money wasted on bandwidth to support all that unnecessary internet traffic.
Picture this case. You have a worker who is browsing the web for some porn and he gets a virus. Your network is now considered compromised in the eyes of the law. Let?s say your line of work involves you taking personal information. You now are obligated under Federal law to notify each and every customer that their personal information may have been compromised. Do you think your customers are going to appreciate that? Do you think they will do business with you again in the future? Assume the data actually was compromised? Do you know your company is legally and financially liable for that?
Managing users IT experience isn?t just about policing the users. It?s about protecting the company and insuring they stay in business and get the best bang for their investment in IT dollars.
My point was of course that even if 40% of traffic is not work-related, I really don care as long as things get done.
I repeat: I DON'T PAY PEOPLE FOR TIME; I PAY FOR RESULTS!
Then get down to reality.
First, not every employee is aware of IT security. They downloaded and installed softwares that are outright malicious in nature, but they have no sense of it whatsoever. Some softwares of poor programming interfered or crashed other legitimate programs. The worst case has to do with damage to the OS core that forced a reinstallation.
Second, corporates have responsibilities looking after the network. They can't simply shirk by saying "it's a matter of employee's own acts and has nothing to do with us" if getting sued because employees committed something illegal using their networks. You think juries will buy it?
I fail to see how your comment is at all relevant to my point.
Perhaps it is because I wasn't clear enough, so I'll try again:
I pay people not for time, but for results. If I get the results I pay for, I don't care if it takes the individual 30 seconds or four hours and they spend the rest of the day on Facebook.
Naturally, If I need to lock down part of our IT structure due to the fact that we have a lot of malware problems, I'll do that. What I won't do is play Kim Jong Il and lock down access just because people spend 40% of their day on Youtube.
And of course, If you don't want to have people working for you that can't handle IT security, train them. Or dont hire them. But don't blame them for your own poor management skills.
I wonder when responsibility will be back in vogue.
The answer is above: pay for the RESULTS, not the TIME. Yes, I agree that IT should lock things down to keep the dimwits from downloading trojans, malware, etc. so they can focus on what they need to do: maintain and upgrade servers, etc. But note that IT professional didn't bother mentioning proxies or looking in logs, etc.
Yesterday I made $2000 gross while the IT people tried to fix locking me out of Internet access required to do my job. Who's irresponsible Mr. Hardy? Generalizations are easy; reality is a whole different thang (sic).
Tipoo's Productivity down 32%. GREAT!
- by nunyabidness69 April 19, 2009 7:56 AM PDT
- Buy a USB 3G modem and browse off the corporate network. Plug the USB in from behind so that it isn't very obvious.
- Reply to this comment
-
-
- by monkeyfun14 April 19, 2009 11:16 AM PDT
- Alot of companies lock down drivers from being installed.
-
-
- by andronin April 20, 2009 10:12 AM PDT
- Or lock down the use of USB ports, we do just for this reason
-
-
Showing 1 of 2 pages (43 Comments)