Comments on: Forensic tool detects pornography in the workplace

Paraben software analyzes images in real time to search for pornographic content on business networks. It should attract the attention of every corporate counsel and HR manager.

[assman]

Dammit.. I guess that means I'll have to stop sharing my porn collection with my colleagues at work, well it was nice while it lasted.

[Lerianis]

Here is a better idea: simply stop allowing the people who have problems with naked bodies and seeing humans in sexual conduct rule the workplace. Frankly, if I was a manager..... anyone who complained just because they saw a picture of a naked person on someone else's computer...... I would fire.

[Penguinisto]

Err, Lerianis, you're being silly.

Unless your company actually sells or produces porn, you have one big fat liability to avoid: Sexual Harassment Lawsuits. It only takes one person to become offended, and *blam* - your profits drop for the next ten years.

/P

[quirK]

No wonder then that Lerianis isn't a manager. Surprise, surprise, but the workplace is actually for work.

[xtrasico]

I am an auditor and fraud investigator. I work for the government and I use Final Data at the agencies I audit to reveal all kind of stuff employees do with computers. Since what I do is not a forensic audit I prepare CD's of what I found. I also make a backup on an external hard drive to analyze the evidence later.

I have my work computer LOADED with porn I have recovered from government computers. I guess auditors have an advantage with it. I call it my "evidence collection". Who knew...

[inachu]

Kinda like going after police who are found to have porn on their PC when in fact the porn they have is really just evidence but that makes no excuse for not zipping that evidence up and keeping it on a separate drive so you do not incriminate yourself even though you truly are innocent.

[mikeburek]

Because it is digital, it can be copied and still be evidence. If you recovered gold bars, you couldn't cash them in, and still have them in the evidence locker at the same time.

Maybe that's why to border guards can now search an electronic device for pirated data / terror threats - they are just looking for some more good music / videos for themselves.

[wiseleo]

And we do data recovery...

I have a lot of rescued porn from dead hard drives. The collection is quite a eclectic. :)

[makatron]

i always wondered how much porn can collect the data recovery centers in a single year out of dead hard drives lol

.....who doesnt have at least a picture in your computer?? xD

[anandvvn]

when @ work it is ok play games, just imagine the embrassement of being caught with such things, so keep the work computer clean, the same thing applies to home computer too, if you want such things cyber cafe if the best palce.

[Lerianis]

No, it doesn't. I just keep all my porn in a password-protected separate user account in Windows Vista, and have the settings set so that ONLY I (not even another administrator, of which I am the sole one on all the computers in my home) can see anything in my private Users directory.

[Penguinisto]

@Lerianis:

Unless you're a CxO, if my user support guy finds an encrypted partition on your computer or network share, it gets deleted upon discovery - no questions asked. If aggregate disk usage exceeds the aggregate file sizing count (something even TrueCrypt can't hide), we start asking questions that you had better come up with answers to if you desire to keep your job.

Fact is, the computers and networks @ work belong to the company, not you.

/P

[willdryden]

@Penguinisto

I guess I would have to keep everything on thumb drives at your workplace. Every project I work on is in a different encrypted partition. This is for security INSIDE the company. Everyone with a NEED to know has the password and anyone with a RIGHT to know can ask to see the information. I'm tired of fellow workers stealing ideas and data.

[Penguinisto]

You would (keep thumb drives, that is)... or you could simply put in a request w/ IT and hand us a copy of the decryption keys - esp. if your data is SOX- or HIPAA-regulated.

Dude - if your politics @ work are so lousy that you need encryption just to keep co-workers from swiping ideas (?) and data (!?), then maybe you ought to work for someone else...

The reason why is simple: we're responsible for everything that happens to that data. If you get hit by a bus tomorrow morning, the last thing we want to deal with is some VP storming in tomorrow @ noon and demanding the contents of something we couldn't honestly extract without spending a metric ton of time and/or money.

[mikeburek]

@Lerianis - just pop in a Linux Live CD and you can usually get around those password permission protected files - unless they are physically stored encrypted. Only the installation of Windows used to create those permission will respect them. Many times, you could also just pop the drive into some other Windows computer and could get around those permissions also.

[waxplayer]

Oh ****!

[Penguinisto]

$17,500? Err, as a sysadmin, I'm saying the price tag is a bit too high. Do you realize that I can buy some extra VMWare licenses with that cash, or a new server, or a new fiber switch, or...? Instead they expect me to spend it on some sort of nanny software that probably would cease to work the nanosecond it came up against an encrypted partition, or ".jpg" files re-named as ".pdf", or...

To be honest, it is easier to work on the assumption that our users are adults.

We have an even more effective means of preventing pr0n where I work - an open floorplan. It's gonna be awful hard for you to eyeball pornography where I work, since your screen can be readily seen by at least 2 other people at any time. As a bonus, it has promoted better communications, a friendlier atmosphere, and a gentler office atmosphere. Even among us in the sysadmin pit - our room is closed-off, but there's three of us in there. Any Sr. manager or above can drop in by using their badge.

...and I can spend that $17.5k on something useful, instead of on mollifying the (IMHO mostly unrealistic) fears of the HR and legal departments.

/P

[blueboxgeek]

umm..thats only $34 a computer...most anti-virus programs are more expensive than that....

[ipv9]

There's a very easy, free way to hide any p0rn you don't want this very expensive app to find:

TrueCrypt

nuff said.

[Penguinisto]

@blueboxgeek: A new 24-port 8GB fiber switch can service more than 500 machines when used in a backbone... and costs a whole lot less. I can buy 34 new laptops for $17.5k, or 51 desktops, or two high-volume SQL servers, or ...?

Why should I spend the dough on something silly and juvenile like pr0n, when I can instead spend it on something, you know... useful towards reliability, availability, disaster recovery... things that have a valid reason for existing on a company network?

You mention A/V. Yep - but A/V has a very real purpose for existing: Windows' architecture is crap, and is subject to malware on a far too regular basis. I'd rather keep that contained. Pornography on the other hand is something that can be solved without spending a boatload of money, and by many, many means. If you find someone downloading porn (trust me, it's laughably easy to find if you know how to read a proxy log), investigate it and fire the SOB. If you find an encrypted partition, give the employee an ultimatum: cough up the keys or lose your job.

Other means to prevent pr0n is to enforce quotas on disk space, set up a working proxy and have an RBL or three in place, etc... things that don't require Yet Another Purchase Order.

@ipv9: Yep - that's why I mentioned encrypted partitions. Such software as this porn-finder are way too easily blocked or fooled, vendor claims be damned.

[Vegaman_Dan]

Penguinisto:

So, I'm curious- which job are you currently referring to? To date you have claimed:

1) Sole admin responsible for converting more than 10,000 desktops from Windows to Linux (your claim)
2) Sole admin responsible for all network and security operations of a multibillion multinational publishing empire spanning many different continents (turns out he worked as part of the IT dept of a small Oregon children's book publisher- boy was he mad when I looked that up online in another forum)
3) Security analyst for a major internet company
4) Admin for a startup of 20 people

Which is it? I'm just asking to figure out which story you are telling since you don't really do much to keep track of your own. :)

[Penguinisto]

Dan - please come back when you have moved up from the help desk.Your ignorance is appalling.

[globalist_agenda]

What if porn in the workplace INCREASES worker creativity and productivity? Then using Paraben would actually be detrimental to companies. Ninety-seven percent of doctors surveyed agree that sexually frustrated workers are less happy, more irritable, and use more sick days than sexually satisfied workers. Not only should porn in the workplace be encouraged, companies should provide "love" rooms for workers in need of a creativity boost.

[Lerianis]

True. It might be that porn in the workplace keeps certain people from 'snapping' and out to attack people.

[Penguinisto]

Sexual frustration is something you need to take care of at home. On your equipment, not mine. I have enough user-generated headaches to work with on a daily basis without some frustrated little man demanding to get his rocks off on company time.

[inachu]

If co workers get nervous when i mention to back up their pc they get very nervous or angry which is a good sign of porn.

[n3td3v]

Its a pitty they can't focus their efforts on detecting more worth while things.

[Penguinisto]

Agreed. Seriously... W.T.F? The algorithms they're using can be far more useful in many other endeavors...

[MLwhatusee]

either way guys how bout a REAL person ......

[inachu]

I had a co worker wh owas fired and he was working at our company for over 15 years.
Over half of his hard drive was filled not just porn but only porn from the 1970's.....


weird.

[Philips]

"Pornography in the workplace can pose a serious problem for employers
because a significant amount of material is downloaded by employees
during business hours."

Yes, this is welcome addition to arsenal of offensive corporate tools.

After all, people would be much more open about the fact that their job sucks and they have to fill the numerous time gaps with something else.

I doubt that it would improve productivity, but, if properly wrapped in suits-compatible PowerPoint presentation, the new capability would be immediately accepted and approved by middle/upper management. Because, from my observations, if plain employees do something inappropriate on their work place, then middle/upper management is doing even more of it. And what could be better for slacking management than purchase of new tool to show off that they care about atmosphere in office, that they do something "managerial".

[Penguinisto]

Heh - in these times, if you're not busy enough at work, you become a target for layoffs. ;)

[inachu]

Part of the scan for porn with be color matching...... If picture = skin tone by 15% then picture is flagged.

[Gayle Edwards]

This is absolutely amazing...

This software can apparently do more than sociologists, politicians, various social-groups, or even the entire legal system... in identifying, so-called, "porn". AND, it apparently provides far greater AI capability and image-analysis, capability than some of the best, experimental AI and image-analysis software running on some of the most advanced prototype-systems, at some of the best research institutions, in the world ...Unless, of course, its just looking for large numbers of large JPGs, GIFs, and movies (the real tip-offs to mis-used IT-resources).

Of course its really, really, expensive... in the harshest business-climate since the "Great Depression"... But, hey, its much better than managers (or IT-staff) having to actually to do their jobs... or, God-forbid... worry about far more important, REAL, business and productivity-issues.

Isnt it..?

[Penguinisto]

Point of order: PR and marketing departments have tons of media files. And don't ask about the guys in Graphics ;)

Otherwise, I agree perfectly. :)

[pbarnhart01]

A very long time ago we had a system like that at the auto maker (this was back in the Netscape 2 era) I worked for. It scanned pictures for a percentage of skin tone. Too much skin, and you could get a visit from the porn patrol - and lose your job.

The system choked to death on pictures posted on the company's own intranet from the Detroit auto show. Seems someone forgot to scoot the booth babes out of the way.

[wizodd-cepia]

Well, what it looks for isn't porn--it's fleshtones.

Basically, you got pictures of people, it'll find'um

Now how about letting us access just the HASH RECORDS from Innocent Images National Initiative and Online Child Pornography Program so that we can run through our systems and actually FIND child pornography...before someone DOES write a virus to drop the crap on our systems.

I work as an expert witness on CP cases, and the lack of a tool to reliably bar and/or remove the crap from a system is causing a lot of concern.

But can we access the hash for the image database? No. But it would let us at least find the stuff and report the people. By using the db hash we would ensure that no 'judgment call" is required--existence in the db is proven evidence.

[disenchantres]

Disturbing! How much more monitoring can there be? Before you know it, there will be forensic tools monitoring our vital signs, age, color, sexual orientation, while we surf and type away on our personal laptops!

[willdryden]

Just wait until software like this is part of the OS and your computer calls the police to arrest you.

[nklemm]

There aren't enough police in the world

[fgduarte]

Pornography is an addictive behavior with horrible consequences. Usually it's triggered by loneliness, fear, anxiety, anger and other feelings. One may think it's not harming anyone but the reality it affects everyone around. Family relations are ruined, marriages are broken. Trully sad consequences. It can lead to extra marrital affairs, child abuse, and many other things. However, there are addiction recovery groups that help people with these types of addictions.

This software is great because it protects the company's best interest but it's my personal conviction that instead of firing the individual, companies could offer the individual help recovering from the addiction.

Just a thought.

[albizzia]

No more addictive than video games or chocolate, or any other pleasure, and like other pleasures t's only an "addiction" if it goes to excess and interferes with a normal life. As for "horrible consequences", there really aren't any, unless it is illegal stuff that leads to arrest and prosecution (most porn is legal) or it leads to job loss (don't fool around on the job), or a prudish spouse demands a divorce (should have married a more compatible person).

Porn doesn't cause any activity that a person isn't already interested in. Only child abusers are interested in illegal underage porn, those enjoying legal porn only are unlikely to abuse children, and most child abuse is the non-sexual type done by religious zealots.

[BenjaminWright]

The case Williams v. City of Chicago will give <a href="http://computersafety.wordpress.com/2008/10/28/internet-pornography-in-the-workplace/">any employer incentive to filter porn</a> from work computers. --Ben

[methadras]

How about they make the software downloadable so users can see if they have imagery that might be questionable. Sort of a self audit and if they do they can delete it or move it off of their work computer. At least that way, the users can be accountable on their own and have a stake in being honest about it.

I'd like to know if there was porn or what an app considers porn to be so I can see it for myself and remove it. Sometiimes you just don't know.

[ferretboy88]

Who is their right mind would watch porn at work? I guess since I am a right wing Chruch guy I don't get the new things the young kids do.

[albizzia]

I agree, and I'm not a right wing church guy. I actually like seeing pictures of naked people doing naughty things, but never look at that when I am working - and I work at home. Fortunately, my spouse likes the same porn I do, so after the work is done we can relax and enjoy a little pleasurable entertainment.