Did anyone else see this?

[falnfenix]

http://online.wsj.com/article/SB118539543272477927.html?mod=fpa_mostpop

freaking lovely...i can't WAIT to hear the fallout from this...

Comments

[thecrazyfinn.livejournal.com]

'How to get fired for security breaches in 10 easy steps' is more like it.

[falnfenix]

precisely, but since that wasn't mentioned in the article you *know* the luzers are going to try at least some of it.

[asbrand.livejournal.com]

LOL - I'm sure most of us already knew all of this. ;-)


-Az

[falnfenix]

what, that these exist or that it's been released to the general public, who will get the brilliant idea to use these "tips" to "get around" IT?

[taleya.livejournal.com]

They need a huge disclaimer:

"DOING THIS SHIT WILL GET YOUR ARSE FIRED"

Surprisingly, we are employed to work. Mindboggling I know, but it's true...

[falnfenix]

that's why i question the reason for actually writing that article in the first place.

i can see the complaint letters now:
"Dear Wall Street Journal,

YOU GOT MY ASS FIRED I HATE YOU DIE IN A FIRE!!1

Kthxbai."

[vertelemming.livejournal.com]

... the last five tips sent me into a panic attack just thinking of having to deal with this. What the fucking fuck, WSJ.

[falnfenix]

sorry bout that...heh.

[brotherflounder]

Wow, that News Corp buyout destroyed the WSJ's intelligence even faster than I thought it would.

[falnfenix]

indeed.

sidenote...icon love. :)

[the-s-guy.livejournal.com]

Meh, most of those workarounds won't, in any workplace with competent security policies and practices.

Let's see...
Online emailing services - BLOCKED.

Unauthorised software sites - BLOCKED.
Unauthorised programs on USB sticks - BLOCKED.
USB storage devices in general - DISABLED. (Non-storage devices still work.)

Proxy sites - BLOCKED.

Company laptops attempting an internet connection to anything except the corporate VPN tunnel: LOCKED DOWN.
or
Uses copy of latest version of corporate blacklist: SITES BLOCKED.

Putting corporate documents on third-party servers: BANNED VIA POLICY, plus the sites themselves are BLOCKED, plus any resident third-party program which handles the interface is BANNED and AUTO-DELETED.

Encryption settings in corporate email: LOCKED DOWN.
Encryptable IM software: BANNED and AUTO-DELETED.

Auto-forwarding all corporate email to an external account: BANNED, and email rules which incorporate it are AUTO-DELETED.

Reading webmail on a Blackberry: OK, as long as it's a corporate Blackberry where the automatic and ultra-paranoid virus scanners are LOCKED DOWN and the device is automatically given a thorough checkup and cleaning whenever it's plugged into the corporate network. Note also that it will only be configured to access the corporate webmail and users will not have the access to add personal accounts.

Surfing/slacking at work: All well and good, except that every URL and every click you make is recorded by the corporate proxies and monitoring software. If your boss wants a list of every site you visited and when, one call to IT is all it takes.

Summary: This is a lame list. Any place with an IT department worth its salt will already be way, waaaay ahead of the game with these. Yeesh, it didn't even mention using IP addresses instead of DNS names (BLOCKED!) or tunnelling to an external source over port 53 (monitor tripping!). And some of the activities it suggests (large file transfers, YouTube) are going to be picked up by the bandwidth monitors anyway, regardless of what convolutions the path to get them takes.

[falnfenix]

but for corporations with less-than-stellar security, this will be a nightmare. i work where different departments will have their own IT groups, and each group manages things differently. the lack of uniform security will cause a headache in any group, merely because the IT gods at the university will scream, holler, blame every IT group under them, and generally cause our lives hell as they audit each system.

Out of Curiosity

[necessitysslave.livejournal.com]

Do you block VBA access in microsoft office related products (and do you block wsh script files ect.)

I've always found even in the places I've worked with strong policies there is always someone with a word document that when you open it it gives you more rights/alows the install of programs/does something else you're not supposed to do.

[superbus.livejournal.com]

This is all well and good, but not every IT department has the tools at it's disposal to get these things done. At my last job, all it took was one person with ties to the CEO to complain, and next thing you know, I'm being called in on Sunday to install DVD software on someone's laptop while he stands over me, smirking, knowing that I'm his bitch now.

[swwinchester.livejournal.com]

Mmmm. This is a good list, and from a reputable source. I will have to take pains to ... selectively provide this information to some people.

I can already smell the evolutionary processes at work ...

*smiles* One techie's nightmare is another techie's evolutionary chainsaw. It all depends on the careful and well-measured deployment of the information.

in an attempt to avoid airing dirty laundry better left buried

[falnfenix]

this will only cause mighty headaches for those poor saps working with poor 'net security...but there WILL be a large amount of fallout if people take this seriously. as mentioned to your friend taleya up there, i can see the letters to the editor now.

if it successfully weeds out more douchenozzles who don't really belong in their positions, so be it. less work for me in the long run.

[forever-damned.livejournal.com]

Any sysadmin worth his salt can block all of that shit anyway and probably already has.

People must be retarded if they think using "You send it" disguises the fact they uploaded, or downloaded, 2Gb in one session.

It never ceases to amaze me how people can claim complete disbelief that someone (or something) magically used a ton of data/bandwidth.

[falnfenix]

well...i CAN say that with the amount of idiots users i see on the daily, it's really not surprising how many people claim innocence when the problem can easily be traced back to them.

[rorted.livejournal.com]

What's with TFA's obsession with capitalising URL's et Google.com, ESPN.com, BoingBoing.net?

</irrational annoyance>

[falnfenix]

*shrugs* maybe they want them to feel important?

IT is just like your mom!

[guinevere33.livejournal.com]

So your mom doesn't want you to stay out late with my friends on school nights - she says something about education being important. How lame! Here are most-requested tips for getting around your parents' silly rules!

1. How to play in traffic

2. How to sneak home at 3 a.m. without being caught

3. How to hide the smell of pot

4. How to alter your report card

5. How to hide your Asian teen gangbang porn

6. How to hide the evidence of a wild party

7. How to pass off a hangover as the flu

8. How to meet up with strangers from the internet

9. How to get bailed out of jail without admitting what you actually did

10. How to get a quickie abortion

Re: IT is just like your mom!

[superbus.livejournal.com]

And just like my mother, I can give a DAMN good spanking when my lusers get caught. :D

[yndy.livejournal.com]

but it's missing the one I kept looking for:

The Risk: losing your job when your boss/company/etc find out that you've been circumventing security measures and making the company's proprietary information vulnerable and potentially public.

[sethb.livejournal.com]

The article is clueless.

A logo that says Verisign proves the identity of the site? When did that start happening?

https secures the files you upload from the bad guys running the uploading service?

[ihateemo.livejournal.com]

Why on earth would someone use YOUFUCKINGSENDIT to share corporate files? Hello, shared drives! Sheesh.

[ihateemo.livejournal.com]

Also, does anyone REALLY wish they could take MORE of their work with them out of the office? Stupid WSJ! Bad dog!

[ateji.livejournal.com]

The Lifehacker (http://lifehacker.com/software/top/10-things-your-it-department-wont-tell-you-284192.php) comment thread this spawned is full of anger and great commentary by you types. :)

[siliconshaman.livejournal.com]

wow... never thought I'd be grateful to be unemployed...

I can just see what'll happen back at my previous position when that does the rounds via intranet email/netchat.
*wince*
ok, time for my brain-bleach.

[teriwyn.livejournal.com]

... thank $diety that tomorrow is the last day of my contract. Seriously, this is a great big load of WTF.