That naked picture on my PC? Not mine. The IT guy put it there Welcome again to On-Call, our Friday frolic through readers' experiences of being asked to sort things out in the office, or outside it and outside office hours. This week, a pair of responses to recent On-Call stories in which readers confronted secret directories full of decidedly Not Safe For Work images. Reader “Dave” …
Wrong - there is no death penalty for atheists in Malaysia (I lived there as an atheist quite openly for nine years, with my muslim wife). Only PAS argues for the death penalty for apostates - it's not on the statute books at all.
I have never heard of anyone having problems in Malaysia and that comes from a lot of people I know who have lived and worked over there, or in the surrounding areas and have visited.
There's no reports of religous police checking for girls in bikinis in Langkawi (tourist spot, good diving). Last time I was there I was in Penang, staying in an area that was definetly quite religous, the Muezzin used to do prayer call's usually about the time we were sitting out opposite the mosque with a beer discussing what to eat. The GF never wore a headscarf, didn't cover her arms, we were never hassled.
My GF worked there for a couple of weeks on her own in KL, she never felt she had any problems.
That Reuters report does not sit with my experiences I know of Malaysia anyway.
Fair enough and I can't say, but I was under the impression places like Sabah, it was more issues with religous clashes like the Catholics wanting to out the name Allah in the bible, preaching to convert muslim by Chroistian organisations things like that. I was under the understanding Malaysia has freedom of religion in its law and its just those pushing for Sharia that cause trouble. I certainly have not heard of executions for apostay. (If I am wrong feel free to correct me).
Also AC, plenty of Malays born to Catholics and Christians as well, just because you are born Malay you are not automatically enrolled into the Muslim faith, and generally speaking Atheism comes about a bit older anyway as a lifestyle choice. A large part of the population is also Budhisst there's a large Chinese family influence in that part of SEA and so Buddhism is quite popular.
I was once asked to unformat a WinXP laptop that a sacked director of a company had formatted to annoy the other directors. Mainly it was to recover the business information that proved he had been embezzling company funds. Not that the press was having any of that. He was as pure as the driven snow according to the journalists. He hadn't been merely pocketing company money though. There was an amazing amount of porn, mainly incest stuff. I imagine the police were as interested in prosecuting this pillar of society as the press were in pursuing him for his nefarious activities.
Fairly "important" (at least in his mind) manager at work refused for a long time to have his Windows 95 (or possibly XP it was a long time ago) machine converted to NTFS partitions because he didnt have time for the conversion to be done.
When he had to lend said laptop to someone in IT who needed one to use it was found full of rather unsavoury images for which police were called in.
Said manager tried to blame IT for having a vendetta against him and must have remotely connected up to his machine to put images on.
How much joy was had when it was pointed out that no-one could remotely connect to his machine because he hadn't allowed us to convert to NTFS.
He was never seen again!
"Because when the file system is FAT or FAT32 you can't remotely connect to the C: share like you can with NTFS."
so all those networked Win98 boxes I used to look after were running NTFS were they? I don't think so - they were on FAT32 and we had no problems with network sharing. Likewise nowadays I have no problems sharing FAT32 pen drives. Methinks someone is reciting old wives tales
And I think you shared out the C: as an explicit share and not accessing the C$?
If you were accessing the C$ on FAT32 on Win98 you should have patented the way you did it because you would have made a fortune because it wasn't technically possible according to everyone else.
if you create a share on a drive then yes you can access it on Fat32.
Maybe you don't actually remember what you did?
Having had something highly similar, although without the screensaver, well, initially.
A user of a military system, on a military network, had been issued a computer for his exclusive usage. While running my weekly vulnerability scan, I took note of that week's systems that stubbornly refused to accept their patches and lined up my work for the afternoon, as the LAN/WAN and PC shops were short staffed and everything had to be patched by end of week.
So, after wading through a few boxes remotely, repairing WSUS, SMS, etc, I come along to one box that had zero bytes free on an HD that was both recently imaged and quite generous for the image.
Run the remove clear all temp script, still pretty full, run the clear old uninstall patch script, still bloody full. Check user profile size, most of the drive!
Running a dir /s > listing.txt and parsing to see if there were some odd temps that were missed by the usual scripts revealed an extensive stash in My Pictures - many, uniquely named to suggest pre-teen pornographic imagery.
At that point, it became a matter for the military police, who received a copy of listing.txt and a short report.
Whereupon a helpful SCCM push changed his screensaver to display the imagery from My Pictures.
We averaged one per year in the theater.
All could have avoided prosecution by simply keeping their filth off of government computers and leaving them on their personal computers, which were prohibited from touching government networks.
Our CERT ran annual "porn scans", as did CENTCOM. Something all users were briefed on before they were allowed to sign for their new accounts.
Mindbogglingly dim!
Ours was an idiot who, was last one in the office last thing on Friday, sent a very bad image to a colour laser printer. In the early days of colour postscript, the slow old printers would take an age to process the postscript and the guy just kept sending print after print when the first print didn't appear straight away. Eventually he lost patience and left the office.
So the prints were sitting on the printer output tray on Monday morning when the staff turned up. It wasn't just a sacking, it was a police matter and he was traced by logs.
Maybe that people shouldn't be using work computers to browse and store that stuff? Keep it on your own machine so I don't have to deal with the inevitable viruses you've brought in. Not to mention having to replace your suspiciously stained keyboard that suddenly stopped working.
"Absolutely correct but "Dave" was vindictive, he didn't report the guy until he realised the guy wasn't going to crawl to him."
I can kinda see your point here, but I suspect it's the way the article has been written, in the more jovial and laddish way that the Reg tends to like to portray "wacky" BOFH-style IT techs. Possibly "Dave" may have couched his original mail in more sober terms.
An alternative way of looking at it (if you ignore the possibly "embellished" style) is that they tried to help the guy out without fuss, and he not only threw it back in their face, but also tried to accuse them of something that no IT techie would ever do (not only is it quite frankly beneath us - we're already clever enough not to have to resort to such nastiness - but we know that our tracks would also be recorded).
In such circumstances Dave and co did what anyone would do, shrug and fall back on strict procedure - disable the offending user's account, requisition their equipment for investigation, and then inform their management.
Anyway, if Dave is to be believed, then the guy accused them of planting the file themselves, when he plainly knew this was not the case, since he'd obviously downloaded it himself. I hope you're not implying that you consider his behaviour acceptable?
"Absolutely correct but "Dave" was vindictive, he didn't report the guy until he realised the guy wasn't going to crawl to him."
I've been in information security for government networks for quite a few years and have given that "don't do that anymore, it's bloody intimately logged" talk quite a few times.
Some idiots do try that dodge and I then dump the idiot's traffic logs and ask him how he'd like his superior to see that high risk activity. I then assign them back for retraining on their annual end user security awareness training, which wouldn't have been insisted upon had they simply acknowledged the warning. Not because I'm being petty, but because a gentle warning wasn't acknowledged and I was certain more and likely worse behavior would endanger an entire bloody network.
Endangering an entire network, all to get your jollies is a career ending error, take the warning, don't do it again and we'll forget about it. Do that crap on the civilian network, on your personal equipment.
After all, if you get malware from that surfing, now I have to investigate, report on it way upstairs and some serious personnel actions are certain to follow, with an iron clad chain of evidence.
"Or is it just a technical superiority complex - I'm better than you because I know how to cover my tracks."
No, but it is knowing that if you watch and download porn on a work computer, while you're at work, you're probably breaking your organisation's code of conduct (which you would have agreed to when you joined), thereby risking your job if you're found out, and risking the security of your organisation's data and your own. Porn sites are a notorious vector for malware.
Did you actually read the article?
Downloading porn at work is usually a misconduct offense. The older chap did the employee a favour by warning him not to do it again, and a sensible person would accept that and move on - strictly speaking the correct procedure is to immediately report it to their manager.
Instead, claiming that 'IT did it' is trying to get the IT guy sacked. Planting data to get someone sacked is probably a criminal offence, too. At that point, would you do anything other than immediately escalate the incident as high as you could? If I was feeling extremely nice I might offer the person in question a final chance to reconsider, but if they persisted - escalation *and* if I ever ran into them at another firm, you can bet I'd recommend a scan of their IT equipment. Try to get someone sacked for something they didn't do? You can rot in hell for that one.
"The older chap did the employee a favour by warning him not to do it again, and a sensible person would accept that and move on - strictly speaking the correct procedure is to immediately report it to their manager."
The exact scenario I found myself in about x years ago, after noticing videos with "interesting" names going past while backing up prior to a user's PC upgrade. I deleted the files and had a quiet word, along the lines of "you really shouldn't be doing that", but a year later I upgraded the same user again, and similar files were seen.
In the first instance he was very apologetic and I felt that the matter could probably end there. However by the second instance we had implemented web-tracking so I had to make things official, not only to protect myself but also hopefully him from downloading something really unpleasant and getting a rollocking. He had a verbal warning from his manager and that was the end of it, but luckily for both of us our organisation was not very draconian, or he could have been sacked, and so could I for not reporting him the first time (something that was continually on my mind while making my decisions).
"So IT people can be petty and vindictive. Wonderful."
Umm, no. IT were just going to leave it with a quiet word so the guy can sort himself out.
Instead it was the user that was being spiteful. He was accusing the tech of deliberately planting an image on the user's machine - an offence much more serious than looking at a bit of porn. Collection and presentation of evidence is very much warranted in case the thing blows up threatening the iccocent tech's job.
There is actually the small possibility that he didn't in fact DL the image. I had a colleague many years ago who would regularly send cheeky emails or download things from other peoples PCs if they left them unlocked as a joke.
Its probably why our company now has a mandatory locking policy when away from your desk. Some people still fail to do that though.
Still harsh to blame the IT guy, could have been handled better by the pc owner.
"There is actually the small possibility that he didn't in fact DL the image. I had a colleague many years ago who would regularly send cheeky emails or download things from other peoples PCs if they left them unlocked as a joke."
No, what you're suggesting might be the case if it was just a single image, but the image trove they found and the browser trail they uncovered would argue strongly for a pattern of behaviour and not a single instance which might be attributable to a prank.
Not sure how you interpreted it as petty and vindictive, since both the stories involve:
a) IT finding something that could get the user fired
b) IT not reporting the user, but advising them to knock it off
c) User then blames IT for said sacking offence
d) IT then reports user
Seems like the user is being vindictive here. Since watching porn at work seems to be OK by you, then imagine if it where say evidence of embezzlement that IT found.
Can't really see any outrage, the superiority stuff is probably just people with common sense wondering why the hell someone would do their porn browsing at work (where it can get you fired) versus at home, or other private location. Or maybe it's just satisfaction at the fate befalling managers who are too lazy or dumb to use their own kit.
As for "I'm better than you" it's less about covering tracks and more about work is for doing work. If I want to read my My Little Pony slash then I can do it on my own time, on my own device.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
