Why You Don't Surf For Porn If You Work For The Government

from the defies-reason dept

Data leaks are bad. Data leaks by government agencies are slightly more irritating. But how about a data leak at a government agency, thanks to a state employee getting a computer infected with a trojan by surfing porn? In another triumph for reactive security, the trojan sat on the computer undetected for four months, and only came to light after the employee got caught surfing porn at work and was fired. Oregon officials say its "anti-malware filters" didn't pick up the trojan because it was so new, the security software didn't recognize it. Uh, okay, but the real cause of this problem is the bonehead employee looking at porn on a state-owned computer. Though the person got fired, will there be any repercussions for either them personally, or the state? That's pretty doubtful. Until that changes, don't expect to see these data leaks subside.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    CB, 16 Jun 2006 @ 5:10pm

    WOW

    I never knew they could do such a thing.. DID I mention IM FIRST!!!!!!!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jun 2006 @ 5:16pm

    DUHHH

    ITS called NOVA NET or RSClient

    link to this | view in chronology ]

  • identicon
    Anonymous Bum, 16 Jun 2006 @ 5:16pm

    Norton subscription expired

    Bet that the virus wasn't that new rather they hadn't updated their subscription.

    *****Avast antivirus for 64bit****

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jun 2006 @ 10:02pm

      Re: Norton subscription expired

      FINALLY! a fellow Avast user! - honestly, why do people think they have to pay for subscriptions to Norton or any other? is it just because none of their friends like em enough to tell em about Avast and SpyBot?

      link to this | view in chronology ]

      • identicon
        Avast-loving anon coward, 17 Jun 2006 @ 12:08am

        Re: Re: Norton subscription expired

        You're not alone! Many porn sites I hath surfed for years while being shielded by a deadly-duo of Avast and SpyBot.. with an occasional Ad-Aware and weekly CCleaner for good measure. Not to mention heavy legitimate work, and leisure things, the typical p2p and gaming. Intercepted viruses, yes, as it should, but ever let one infect me and have to pick up pieces later? Not a once!

        Excluding Linux, some of the best things can be free. Kaspersky I feel is better, but why pirate when Avast can be legitimately free, and why pay when, again, Avast is good and free. Save that money to support good PC games instead.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 17 Jun 2006 @ 12:09am

          Re: Re: Re: Norton subscription expired

          Oh, and on top of those, every good geek worth his beans has broadband, which almost always means a router, which almost always means a decent (free) hardware firewall. Again, free!

          link to this | view in chronology ]

      • icon
        Peet McKimmie (profile), 17 Jun 2006 @ 4:44am

        Re: Re: Norton subscription expired

        ...honestly, why do people think they have to pay for subscriptions to Norton or any other? is it just because none of their friends like em enough to tell em about Avast and SpyBot?
        It wouldn't have helped, because the infected machine was a work computer, not a home computer. Avast is only free for personal, non-work use, and using it any other way is piracy. Having said that, though, I wish they had paid for Avast in order to support the free version.

        link to this | view in chronology ]

    • identicon
      Dan Moutal, 17 Jun 2006 @ 2:05am

      Re: Norton subscription expired

      It was on the PC for 4 months! any trojan 4 months old should be in your virus defenitions

      link to this | view in chronology ]

      • identicon
        ctpmn, 17 Jun 2006 @ 9:17pm

        Re: Re: Norton subscription expired

        Well said.. well said.

        link to this | view in chronology ]

      • identicon
        ctpmn, 17 Jun 2006 @ 9:19pm

        Re: Re: Norton subscription expired

        Oh, and by the by, norton has really lost their gusto, although they used to be the best they are now a-vastly over rated.

        link to this | view in chronology ]

      • identicon
        ctpmn, 17 Jun 2006 @ 9:20pm

        Re: Re: Norton subscription expired

        Oh, and by the by, norton has really lost their gusto, although they used to be the best they are now a-vastly over rated.

        link to this | view in chronology ]

  • identicon
    CB, 16 Jun 2006 @ 5:19pm

    NOC

    Yeah you would have to have a full time staff to monitor all of the employes...... HOW about WEBSeNSE or do a router block on PORN... or do the AA Automatic alert when there is a Security breech or access block

    link to this | view in chronology ]

  • identicon
    Simon, 16 Jun 2006 @ 6:21pm

    Shouldn't the PC have been locked down so that only the IT department could install new software, anyway?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jun 2006 @ 7:35pm

      Re: by Simon

      Sorry, it's just not that easy. If your IT dept locked the systems down that hard, you would be whining and crying about it, and callling your IT dept the new Jack-Booted Gestapo.

      Users have a responsibility to use their computers as the tool for the task that the computers are given to them to accomplish.

      Remember, Locks only keep the honest people honest.

      link to this | view in chronology ]

      • identicon
        TechKnow, 17 Jun 2006 @ 4:02pm

        Re: Re: by Simon

        I beg to differ. I t has been my experience that the average end user knows slightly more about smart computing practices than a newt...

        This is not even taking into account the intellect of someone stupid enough to cruise porn on the job... Much less a government job...

        I do my best to educate people, but I may as well be speaking Swahili...

        All the same, if everybody was a hotshot with a computer, I'd be looking for a job...

        link to this | view in chronology ]

    • identicon
      IT dude, 18 Jun 2006 @ 6:17am

      Re:

      shouldn't the computer be locked down so only the IT guys can surf the porn!

      link to this | view in chronology ]

  • identicon
    Val Hailgod, 16 Jun 2006 @ 6:24pm

    Who cares about the government. They are the problem not the porn.

    link to this | view in chronology ]

  • identicon
    Search Engines WEB, 16 Jun 2006 @ 6:37pm

    How about the CREATOR of the Trojan

    The employee isn't a bonehead - the people who install malicious content are boneheads....

    we are so accustomed to malware threats, we lose perspective - but they are wrong for doing what they did. Also, trojans are NOT limited to just PORN sites

    While you could blame the employee for being naive or the IT department for NOT locking down the computer, or NOT installing security updates - or even the anti malware software for NOT "pushing" updates...

    The REAL Villan is still the criminal that created the program that installed that trojan.

    link to this | view in chronology ]

    • icon
      Peet McKimmie (profile), 17 Jun 2006 @ 4:35am

      Re: How about the CREATOR of the Trojan

      Indeed. When somebody produces a really good news site that installs malware when you visit it will they start sacking people for browsing news at work?

      link to this | view in chronology ]

      • identicon
        tim, 18 Jun 2006 @ 5:59am

        Re: Re: How about the CREATOR of the Trojan

        Browsing news is the same as surfing porn? Where do you work?

        you getting viruses from CNN and FoxNews, ESPN, etc?

        Company policy might allow news sites, but pretty sure surfing porn is against ALL company policies in most work places.

        link to this | view in chronology ]

    • identicon
      rojo, 17 Jun 2006 @ 6:46am

      Re: How about the CREATOR of the Trojan

      That's it, shift the blame.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jun 2006 @ 10:45am

      Re: How about the CREATOR of the Trojan

      It'd be impossible to track and convict all creators of malware.

      link to this | view in chronology ]

    • identicon
      Tim, 18 Jun 2006 @ 5:57am

      Re: How about the CREATOR of the Trojan

      Be for real.

      Pretty sure that while the creator of the Trojan is a villiian, the government employee didn't have porn surfing in his job description.

      Last I knew, government workers were paid by taxpayer dollars.

      So, if you pay ANY taxes, perhaps this might bother you. Unless society caused him to surf porn at work, against company policies..

      link to this | view in chronology ]

  • identicon
    Republican Gun, 16 Jun 2006 @ 6:47pm

    IT Locked down

    Shouldn't the PC have been locked down so that only the IT department could install new software, anyway?
    Our clients will have permission issues with my crappy sql server if they are not given admin priveleges. I'm told (probably being stroked) that Vista might fix it in the future.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jun 2006 @ 7:30pm

      Re: IT Locked down

      Baloney. Learn how to construct a database properly

      link to this | view in chronology ]

      • identicon
        kilroy, 19 Jun 2006 @ 7:17am

        Re: Re: IT Locked down

        Well it is true that it is a bit of a cop-out, it is all too common. Everyone on the network wants full access to what they need when they need it. The end-user doesn't understand, nor care, about IT security. The management doesn't understand the need either, although they pay it lip-service. Seldom are they willing to pay the piper when it comes to dishing out the dollars to fund the learning and implimnetation of IT Security. And then there are the administrators who know enough to get them by ... Their skills are limited and they fall further and further behind all the time, but there are not enough hours in the day to do "this" and "that" and all the stuff on the "I'll have to get around to it" list. But they do what they feel is theri best.

        Unfortunately, only after a security breach do things usually change. So you might think the "black-hat" is the bad guy but he is also the prime motivationg factor in the fight against IT Security apathy .... Not that I condone the actions of the Hackers, and Crackers and Freaks (oh my), but without them we'd all still believe that woefully insecure computer opperating systems were great time-saving tools. Do you remember how your friends talked up Windows when it pushed DOS aside? And how each consecutive wave was supposed to be the next greatest thing since sliced bread? What about OS2? How about Mac OS X? Each in their turn has been exposed to exploits and has show us their flaws. But ask yourself, if software were to be tested until there were no flaws how much of it would actually ever make it to market?

        link to this | view in chronology ]

    • identicon
      August West, 17 Jun 2006 @ 8:49am

      Re: IT Locked down

      Regarding the admin priveliges thing, 9 times out of 10, applying the security template compatws.inf will solve the issue. Search for info at microsoft.com. It's part of the O/S and is applied through "Security Configuration and Analysis" mmc snap-in. Allows most legacy apps to run without giving admin rights to the user. Combine that with F/C to C:program filesprogram name and HKLM/Software/Program name, and they are golden.

      link to this | view in chronology ]

      • identicon
        Razorwire, 17 Jun 2006 @ 11:15am

        Re: Re: IT Locked down

        I don't think the cure is to use the compatws.inf file to solve the Users run as Administrator problem. We used that security template when we first rolled out XP in 2002. At that time, most software was not compatible with XP. We stopped using it by 2003, choosing to instead build our own security template to adjust permissions, and also using setacl and other utils to set registry and file perms. For even the most stubborn of our apps, users having write perms to the HKLMSoftwareappname key was all they needed. Modern apps load all User run-time reg keys into HK current user. None of our users run as Admin, and we have been running this way since the days of NT. Letting your users run as admin is stupid. Sure, there are a couple people reading this right now saying how smart they are, and how they know how to maintain their computer better than their IT dept., and how it is a pain in the ass to have to wait for IT to download (fill-in handy app name here), but that is just wrong. I'm sorry, but you cannot be trusted. When we ran with the compatws.inf file, we had to purge spyware regularly, because Users cannot be trusted not to go to spyware infected Web sites and download crap to their computers. Since moving off that security template, and only setting perms on the folders and reg settings for certain legacy apps, we are mostly spyware and virus free. Yes, machines still pickup spyware and viruses into Users profile directories, where they have full-control, but the damage they can do is mostly contained. No Users as admins. Figure out how to get your apps to work on a case-by-case basis, and use centralized software deployment like Altiris to roll it out.

        link to this | view in chronology ]

        • identicon
          sucks to be admin sometimes, 17 Jun 2006 @ 10:53pm

          Re: Re: Re: IT Locked down

          Sometimes I just love to call up those companies and complain about how their software doesn't work. The user needs admin rights you say? Why? Isn't that against best practices? Don't you care about security? Make the low level support guy sweat a little. Act like this is an outrageous request. If you can, get a developer on the phone and pester away. Usually somebody will at least have a list of folders and keys where permissions are needed.

          link to this | view in chronology ]

  • identicon
    Miataman, 16 Jun 2006 @ 7:56pm

    Negative Externalities

    Simon is right. Why should I lose my administrative rights because some loser can't figure out how to look at porn on the job without infecting her machine?

    link to this | view in chronology ]

    • identicon
      Miataman, 16 Jun 2006 @ 8:07pm

      Re: Negative Externalities

      I meant Annon. Coward is right---I misread his subject line. Maybe I'm too dumb to have administrative rights after all...

      link to this | view in chronology ]

    • identicon
      SRNissen, 17 Jun 2006 @ 12:38am

      Re: Negative Externalities

      Because you're bad at data security. That's why you aren't in IT, and data security isn't your job. It's IT's job. If we decide, in our infinite wisdom, that we need to lock down your computer, it might not be your fault. It might be your idiot colleague who thinks allowing any and every program, no matter how suspicious, to have internet access. Downloads every single damn attachment.

      - SRNissen

      link to this | view in chronology ]

      • identicon
        Somebody Somewhere, 17 Jun 2006 @ 11:33am

        Re: Re: Negative Externalities

        Yes, and that idiot colleague is the reason why, when researching language materials at work, I'm blocked from getting to online dictionaries... and, as I've reported 3 times to our IT staff already, one of our off-network computers is still running XP SP1, with Norton AV that expired last March. If I had the permissions (both on the computer and from my bosses), it would be about a half-hour fix. Seeing that level of negligence is like fingernails on a chalkboard me.

        Sigh...

        link to this | view in chronology ]

        • identicon
          SRNissen, 17 Jun 2006 @ 2:29pm

          Re: Re: Re: Negative Externalities

          Clearly, there are incompetent IT departments around the world, too. But the important lesson to take away from this is simple: Data security is not your job - unless it is, of course - and you don't have to do it. If IT locks your access down, it's not because they don't trust you, it's because they don't trust anybody. That will harm some people, yes. I remember well the trouble I could have with getting permissions from IT.

          Think of it like this: Either everybody has the same level of permissions (Which is going to be low by default) or you'll have to give some of your budget to IT so they can create a ranking system for the users. And if you get a high rank, and permission to fiddle with your PC, and something goes wrong, even if it isn't your fault, you'll take the blame because "you're supposed to know better" and they'll dock your pay and take your pension and make your wife cheat on you. That's how management works mang. Just accept the low-level permissons you have, and tell your manager to talk to IT every time you need permission for something you aren't allowed.

          link to this | view in chronology ]

    • identicon
      ctpmn, 17 Jun 2006 @ 9:12pm

      Re: Negative Externalities

      Umm, I'm pretty sure that 95% of all our 250 users are just that USERS they are not administrators. The only reason someone would need to be an admin, is if they are remote, cant vpn in, and need to install things. Regular users shouldnt be installing things, thats just a poorly run corporation. Users should USE, their computer. If your users can do anything then your just causing yourself unnecessary(sp) problems.

      link to this | view in chronology ]

    • identicon
      anonymous Tech, 18 Jun 2006 @ 1:25pm

      Re: Negative Externalities

      YES. You should only have admin rights if need it for your job. Everyone else gets the least amount of access needed to perform their job. If your job doesn't require Internet access, surf on your own time!

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Jun 2006 @ 6:28pm

      Re: Negative Externalities

      Why should you login to your machine with administrative rights in the first place?
      Unless you are installing new software or creating users you have no need to write to the OS's core files.
      Windows is the ONLY environment where this particular form of stupidity is the "norm". Get a clue & save yourself some effort.

      It's not about your personal rights or privilege, it's about protecting the operating system installed on the machine, Both from it's users and the world in general.

      link to this | view in chronology ]

  • identicon
    Mike Mixer, 16 Jun 2006 @ 8:02pm

    The real solution is

    Take away every government computer, all of them.
    Slow em down you say,You bet. Grind government to a halt, You bet. Eliminating every piece of electronic equipment they use will reduce government to a lost little kid just like it should be.
    Oh yeah and if the idiots do manage to pass any laws they have to pay for them.

    link to this | view in chronology ]

  • identicon
    Borg, 16 Jun 2006 @ 8:57pm

    What they Don't tell you

    I live in Oregon where the news about this has been out for a while, and what they don't tell you in the article is that up to 2,500 people's identities may have been compromised because of that looser. yes there is a problem with those who make the Trojan, the government's computer system, and the guy, but quite frankly i don't care about what you do on uncle Sam's watch as long as it doesn't put my personal info at risk.

    link to this | view in chronology ]

    • identicon
      Former Oregonian, 18 Jun 2006 @ 11:10pm

      Re: What they Don't tell you

      What more don't they tell you? The Dept of Homeland Security has a no-bid contract with ChoicePoint to mine data on ALL Americans, including DNA samples.
      ChoicePoint is the data collection firm that managed to sell 145,000 persons private information, including mine, and would have kept it a secret if not for the laws of California, which require notification of those at risk. The oinly reason the media found out was because of those notices.
      I'm more interested in why the focus of most of the current investigation being done on behalf of the "War on Terror" is on American citizens!

      link to this | view in chronology ]

  • identicon
    John, 16 Jun 2006 @ 9:26pm

    Why You Don't Surf For Porn If You Work For The Go

    Hey, I work for the government (city) and the IT Department won't let anyone have admin rights. If you want software installed or an update you have to fill out a work order and they come and install it in the next few days. The IT folks can't figure out why they can't keep up with the workload? I also don't install software patches on programs I use because of the hassle to get it installed. The virus software also doesn't let us download software off the Internet. This is public software like cost/benefits analysis from FEMA.gov website. O'yes I am at home & off work right now & not using a City computer for this.

    link to this | view in chronology ]

  • identicon
    Uhospaghetto, 16 Jun 2006 @ 10:30pm

    I work for the navy IT world and i still hate installing anything other than avast... when people bring me their personal computers i always install avast.. and spybot, corse then like boneheads they bring it back 3 months later cause they didnt register avast and didnt keep spybot updatde... sigh - someday i will kill all the dumb people

    link to this | view in chronology ]

  • identicon
    nixr, 17 Jun 2006 @ 5:20am

    Fire IT

    Users are dumb and can't be expected to maintain their computers properly. The IT staff responsible for that employees machine should be fired. That is an example of lazyness. I would expect to there to be consequences if I let something like that happen in my environment.

    link to this | view in chronology ]

    • identicon
      DeadBeatPoet, 17 Jun 2006 @ 7:24am

      Re: Fire IT

      Nixr, I agree to some extent, decent A/V software is both centrally managed and requires NO intervention from the user or the administrators do download updates. My company uses McAfee's ePolicy Orchestrator and VirusScan Enterprise, and we have 0 virus infections since we migrated from CA's InoculateIT. Maybe if the gov't agency would get off their duff and use the software to it's fullest potential, things like this wouldn't be happening.

      However, firing IT because some ID10T user couldn't stay off the pron sites while he was at work is unreasonable and unfair. Any reasonable person would expect users in a work environment to maintain SOMETHING that resembles professionalism.

      My 2 cents,

      DeadBeatPoet

      link to this | view in chronology ]

  • identicon
    A_NON_MOUSE COW_ERRED, 17 Jun 2006 @ 5:45am

    let me get this straight

    So, the malware sat on the PC for FOUR (4) months, but it was SO NEW, their filters did not catch it? My security costs $30 and it catches 95% of everything, 3 days from it inception.

    link to this | view in chronology ]

    • identicon
      Jose Lopez, 17 Jun 2006 @ 2:02pm

      Re: let me get this straight

      Your paid for sercurity is updated every three days? How horrid! My free avast is updated almost daily. Sure takes the worry out Microsoft security flaws.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jun 2006 @ 5:50am

    VERY VALID POINT

    I would like to agree with
      Search Engines WEB

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jun 2006 @ 6:35am

    porn is good

    link to this | view in chronology ]

  • identicon
    Alecks, 17 Jun 2006 @ 7:42am

    Good programs

    I, on my computer, use a mix of AVG, Spybot, Adaware, and ClamWin Antivirus. Plus I have InJoy Firewall (http://www.fx.dk/firewall/). And this is all behind a router.

    link to this | view in chronology ]

  • identicon
    Alecks, 17 Jun 2006 @ 7:43am

    Good programs

    I, on my computer, use a mix of AVG, Spybot, Adaware, and ClamWin Antivirus. Plus I have InJoy Firewall (http://www.fx.dk/firewall/). And this is all behind a router.

    link to this | view in chronology ]

  • identicon
    Alecks Again, 17 Jun 2006 @ 7:45am

    OS

    What operating system were they using anyway? They mine as well TRY to convert to something a little (and by a little I mean a lot) more secure than Windows.

    (sorry for the double post above - dunno how it happened)

    link to this | view in chronology ]

  • identicon
    achacha, 17 Jun 2006 @ 7:46am

    Gov't agencies need to step up their administration, a trojan that lived ona computer for 4 months is inexcusable. What happend to nightly virus/adware scans? I don't think I have ever worked in a company that did not have that (no matter for small or big), what is so hard about setting up a network wide daily scan?

    The other aspect is, why don't they check where the data was being transmitted and try to contact local athorities (while it is a long shot, I suspect a lot of people using malware aren't too bright, the authors were, the users are often script kiddies using their parents' ISP).

    Bottom line is that the network admin for that gov't office is a bonehead.

    link to this | view in chronology ]

    • icon
      Peet McKimmie (profile), 17 Jun 2006 @ 8:11am

      Re: achacha's comment

      What happend to nightly virus/adware scans?


      They were scuppered by environmentalists who insisted that people power down their desktop computers at night rather than leave them on standby, thus assuring that the 2am scheduled virus scans never happened.

      link to this | view in chronology ]

  • identicon
    Brandon Rusnak, 17 Jun 2006 @ 8:23am

    The Problem is Internet Explorer

    How much you want to bet that this guy was using IE while surfing?

    The problem is most corporate environments still have IE as the default browser, mainly because they can control it's settings via a central server. Also, if they were to switch to Firefox users could still do damage due to the lack of a standard way to lock down the browser, such as IE's Group Policy Settings.

    Oh, and what sort of idiot browses porn in the government? Also, how did he not get caught for four months or more? Cubicles are a baaaad idea.

    BMR777

    link to this | view in chronology ]

  • identicon
    jeff, 17 Jun 2006 @ 8:29am

    this is like telling me the sky is in the directio

    my mom has worked for the state government for a loong time. gaining access and eventually control of her terminal and those around her (for which all you need is a name and you've got driving records, tax records and criminal history, all kindsa stuff) wouldn't be difficult, especially if you did it on a day when someone spilled something on their keyboard so they just think their computer's doing shit all on its own because of that. the best part is, someone spills something on their keyboard, or in the back of their monitor, or on their tower...every day. you've got a whole bunch of people on one side of the security who don't know anything about it, don't know how it works or what any of it means. on the other side of the security are a whole lot of people just waiting for something like an orange julius down the vents in a monitor. it'd surely be nice if all sorts of our governments would spend money on computer training instead of, say, new desks for office managers, thousand dollar employee lunches, gifts from one employee to another...shit like that.

    link to this | view in chronology ]

  • identicon
    MEoip, 17 Jun 2006 @ 9:52am

    Cell phone

    I bet he was using his cell phone while surfing porn, that's why he did it so recklessly!

    link to this | view in chronology ]

  • identicon
    Valhalla Rising, 17 Jun 2006 @ 9:57am

    For one ANY govt employees should have to have to be assigned a security agreement when they get the job. Accessing the net while on a computer with sensitive information is dangerous enough from "Electronic Espionage Experts", without having some idoit piss on national security because he cant wait til the hooker arrives. I was Army, i had security clearance and I was responsible for ANYTHING that I was privy to. Theres many people at fault but if the numbskull had been doing anything he wouldnt be getting fired for this wouldnt have occurred. Blame whoever you want, HE made a decision, HE broke security, and HE pushed the button.

    link to this | view in chronology ]

  • identicon
    MEoip, 17 Jun 2006 @ 9:59am

    Cell phone

    I bet he was using his cell phone while surfing porn, that's why he did it so recklessly!

    link to this | view in chronology ]

  • identicon
    Kevin, 17 Jun 2006 @ 10:12am

    My two cents:

    Any office or business (government or otherwise) Should be keeping antivirus up to date. Having a Trojan, virus, or other malware is utterly unacceptable. It may be understandable to be vulnerable to attack for up to a week after a new threat is released. however ANY anti virus should be checking for updates at least once a week, and scans should be performed at least once a week.

    So, given the worst case a computer would be vulnerable for less than 7 days (assuming updates are scheduled to be applied before scans are scheduled.)
    I suspect the employee was fired not because that the virus was there, but because in most ANY place of employment viewing porn at work is agenst policy. Its a HUGE liability for a sexual harassment lawsuit. Its blatant miss use of company resources for both systems, time and bandwidth.

    but getting to the point. Why was this in the news? why does it stir up such debate? because 1. Its a government agency, and we as a society expect our government officials to be doing "good" and someone has been caught doing something "bad". 2. because it involved potential compromise of personal data and/or confidential information. 3. because (GASP!) it shows the fallibility of government network resources.

    So begins the blame game. We feel something wrong has been done. An injustice committed. As such we demand the guilty be found and punished accordingly! But who do we blame? The misguided employee who thinks its ok to surf for porn at work and got a virus from the websites? The IT department for failing to follow good practices in maintaining anti virus definitions, updates and scans, or using web filtering? Or do we blame the author of the software? do w blame the person who placed the Trojan on the porn site? do we blame the porn site that had the Trojan on it? The possibilities are endless.

    Personally I think that the employee deserved to be fired, surfing for porn on the job is just plain stupid. The IT department needs to be reprimanded for not providing for the security of the network in a timely manner, and changes in policy need to be implemented as well. Any and all traceable information needs to be given to the proper authorities to attempt to research the origin of the Trojan and the party receiving information thru it. And the web master for the porn site should be contacted to advise them of malware being spread via their services.

    link to this | view in chronology ]

  • identicon
    mike, 17 Jun 2006 @ 10:50am

    punish everyone

    Hey how bout following the totally non laiden with subliminal imagery comercial for mac, you know the one with the old sickly fat dude representing the PC and the new healthy young trendy starshmucks drinking n00b that represents the macintosh. No one writes viruses for mac, right?.?.

    Well, surfing porn whlie your on the clock suposedly earning a paycheck to do ANYTHING, wether you work for the govt. company xyz or even a grocery clerk, plain and simple dont abuse the system, and the rest of us wont kick your ass for messing it up for us that want to get some work done.

    Americans love to blame everyone else, its not my fault, its because it wasnt locked out, thats why I was surfing porn. Its not cause your a sick f*** that nees to see your porn 24X7. I think if you cant go a few hours without seeing something nekid you have a serious mental issue that you should seek out immediate psycological assistance, go go do it NOW, you sick f***... I bet you could see someone do something wrong they will blame someone else, you go to them, they will in turn blame someone else yet, and so on, till it reaches all the way around the world a few thousand times.

    Anyway, Ill admit I have surfed porn, never at work, I have been infected with trojans (ironic if you ask me, porn, trojan, condoms...) Anyway, GET BACK TO WORK YOU TAX HOARDING GOVERNMENT SLACKERS.......

    One more thing before I go, turn off java scripting, turn off active X and put your browser on high security or just use some Mozilla or something without the access to them. You will see a dramatic reuction in invasion attempts. This will not stop an attack if you download and install a program that had the installer infected with a trojan or malware.

    I only have one thing to say to those who take advantage of weaknesses and write viruses, trojans and data miners, go take a long walk off a short pier.

    Well, as much fun as typing this was, my break is over and I have to go do that which puts food on my table and a roof over my head. later all.

    link to this | view in chronology ]

  • identicon
    manny C, 17 Jun 2006 @ 10:54am

    this is sick

    well i hope the IT dept will purchase the equip to block this kind of access. also i hope the dirve in question after the data is saved for evidence for any criminal trial which i doubt is wiped or replaced in many companies the IT dept is considered the 1st place to cut and the 1st place to complain...

    link to this | view in chronology ]

  • identicon
    Scott, 17 Jun 2006 @ 11:15am

    Porn Surfing @ Work

    I work for a state agency. Our IT section has WebSense installed. All of our internet traffic is routed through a server that gets regular updates. We can't go anywhere that isn't work related including sports sites, religious sites, adult sites, auction sites, IM, and a host of others.

    Although many would find this annoying, I really believe that it is a good use of taxpayer money.

    link to this | view in chronology ]

  • identicon
    dorpus, 17 Jun 2006 @ 12:43pm

    India Outlaws Children's Songs

    Americans are fond of saying that India has a great education system which produces so many engineers. However, in the state of Andra Pradesh, the singing of "Baa Baa Black Sheep" and "Twinkle Twinkle Little Star" has been outlawed, for fear that children will become too Westernized. The state legislature, controlled by the fundamentalist Bharatiya Janata Party (BJP), decreed that children should receive more education in Hindu values.

    http://www.excite.co.jp/News/odd/00081150350974.html

    link to this | view in chronology ]

  • identicon
    Red, 17 Jun 2006 @ 2:27pm

    Hey, what can we say?

    Us Oregonians love our porn!

    link to this | view in chronology ]

  • identicon
    Lunatec, 17 Jun 2006 @ 2:34pm

    Pr0n ftw

    OK, there are a few things wrong here:
    A. Nobody should be stupid enough to be surfing porn at work.
    B. The IT dept should be smart enough to have updated antio-malware pushed to all the workstations
    C. There should have been anti-pr0n filters on the network.
    D. The only good trojans are purchased at the pharmacy
    E. Online pr0n isn't worth surfing

    link to this | view in chronology ]

  • identicon
    Rockus, 17 Jun 2006 @ 8:36pm

    Re:India Outlaws Children's Songs

    Hey get your facts right instead of spreading misinformation...the legislature in Andhra Pradesh is NOT controlled by BJP...don't try to put blame on so called 'fundamentalists' ....
    And engineering is in any way related to black sheep???and whats the relevance of posting here???

    link to this | view in chronology ]

  • identicon
    iloveporn, 17 Jun 2006 @ 8:57pm

    porn

    PORN IS AWSOME

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jun 2006 @ 9:25pm

    4 months? come on....

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jun 2006 @ 10:00pm

    they used use macs next time lol

    link to this | view in chronology ]

  • identicon
    dk, 18 Jun 2006 @ 12:27am

    dude... government workers are not the best. bunch of idiots... trust me... they're probably surfing porn too.

    link to this | view in chronology ]

  • identicon
    Apennismightier, 18 Jun 2006 @ 6:22am

    Idiot

    That guy deserves to get fired. The fact that you're on a state regulated computer should make you paranoid enough to not do anything stupid. And who has time to jerk it at work anyway? As for them not recognizing the software, that's their fault. The gov is supposed to be on top of that stuff... Where's Chloe O'Brien when you need her?

    link to this | view in chronology ]

  • identicon
    phil mccrevis, 18 Jun 2006 @ 10:33am

    m1crosoft is to blame. as usual.

    link to this | view in chronology ]

  • identicon
    Judah Jacobs, 18 Jun 2006 @ 1:09pm

    porn in the ass...ets

    State government is redundant. Why does Oregon state government exist? How does their government differ from the other 49 state governments? And city government? Ever sit in on a city council meeting? The ayes have it. We are morons for allowing the huge watse of money on thousands of city housing agencies in many many cities. Don't fire the employee. What did he do? What do any of these people do? Who needs them? Let's outsource it to highest bidder when we do find a need. And let us continue to consume.

    link to this | view in chronology ]

  • identicon
    Blitze, 18 Jun 2006 @ 1:39pm

    No thats not why

    It wasn't him looking at porn it was THEM using windows.

    Government using Windows.. no wonder our government is so messed up!
    ~blitze

    link to this | view in chronology ]

  • identicon
    Randolio, 18 Jun 2006 @ 3:55pm

    Avast

    I used to use avast nd noticed it doesn't work well on multi-language programs sand uses too much CPU speed. I now prefer Kaspersky

    Kaspersky is much better software

    Kaspersky includes a pop-upblocker, firewall, automatic updates, automatic scans(several), Web Mail scanning, Anti spy and hacker, and a system that finds malware that is not in teh database(aka brand spankin new virus)

    link to this | view in chronology ]

  • identicon
    Paul J. Ste. Marie, 18 Jun 2006 @ 5:36pm

    Around here there's certainly reprecussions...

    ...Though the person got fired, will there be any repercussions for either them personally, or the state?...

    Around here, TPTB prosecutes civil servants fired for surfing porn on work computers or improper email for misuse of gov't property.

    link to this | view in chronology ]

  • identicon
    Menolly, 18 Jun 2006 @ 6:22pm

    Government employee surfing porn

    The repercussions are that the person was fired (and rightly so). What else could be done?

    link to this | view in chronology ]

  • identicon
    Menolly, 18 Jun 2006 @ 6:27pm

    Porn Surfer

    By the way, our Firm monitors the use of the internet. They block webmail, porn and other inappropriate websites. The government can't do that? Are they too busy spending our money on vacations?

    link to this | view in chronology ]

  • identicon
    Michael, 19 Jun 2006 @ 2:48am

    Why You Don't Surf For Porn If You Work For The Go

    While I haven't waded through all of these comments (just the first dozen or so), one thing that I think helps contribute to these types of problems is the "one-size-fits-all" software rollout that most IT departments employ. While I realize that tons of time is spent supporting end users and their systems and that a good disk image or installer script makes the load lighter, I've often marvelled at how many employees have access to applications they just don't need.

    It seems commonplace to just load up MS Office Professional and several other apps and call it a day. No one questions whether certain positions need Outlook, Access, or IE, it just gets handed to them like name badges on their first day. Often, there is no training to go with these new applications and thus the nightmare begins. People who may never have owned or used a computer before in their lives now have the latest and greatest system at their finger tips.

    I've seen shop floor assembly workers with full blown systems that have Office w/Outlook and full web access. The reality is that they may get two emails a month and only use Office to open Word formated procedures. All they really need is Word or PDF reader software so they can view those procedures and someone to hand them the couple of memos which come from HR or whatnot throughout the month. But the get the whole shebang and then surf the web or play Solitare or Hearts on their breaks and at lunchtime. If they didn't have access to as many apps/services, they couldn't cause as many problems.

    I realize that this would take some extra work and that it would affect Enteprise Licensing budgets and a variety of other like issues, but considering the cost of cleaning up some of these messes, would those costs be justified in the long run.

    link to this | view in chronology ]

  • identicon
    WhosYourDaddy, 29 Jun 2006 @ 10:44am

    Sorry

    Sorry guys, but I hear a bunch of comments here that talk about how stupid people are for not locking down machines, having content filters, firewalls, anti-virus, or anti-spyware software, etc....

    The reality is that locking down a machine is not a fix. Sure it will prevent most software from being installed (that require administrative priviledges), but most spyware/virii do not need administrative priviledges to install itself. These spyware/virii developers are much more crafty than their corporate counterparts such as Symantec/Microsfot, etc... These companies mostly have software that depend on signature based definitions that look for behavior patterns of an already identifed spyware/virus program. This is reactive, not proactive, which means that all the new viruses/trojans/spyware can be installed on all of our machines without us knowing until these companies find out about it and provide an updated definition or security vulnerability fix to patch it. So this problem can happen to every single one of you, and none of you can completely eliminate the risk of getting these virii/trojans on your network, but at most minimize the risk by installing the most up to date software techniques to catch the already identified virus/spyware.

    There are some software programs on the market now that are behavior based versus signature based such as Cisco's CSA, or some more intelligent in-line Intrusion Prevention Systems, but for the most part, they are not as far along as the virus/spyware developers are. Most content filters are close to worthless because the porn/spyware companies are poping up new domains everyday and the blacklist or content blocking heuristics will never be completely up to date.

    So quit calling everyone stupid, because your network is catching all the same crap as everyone else, unless you have a network of one or two PC's and have just gotten lucky.........

    Love,
    Pablo Escobar

    link to this | view in chronology ]

  • identicon
    workin 4 tha man, 28 Mar 2008 @ 8:36am

    HELP! I'm looking @ p*rn on company pc!

    Ok, I admit it, as much as I try, I get bored...I'm a work-a-holic, I'm here 1st & leave last,I get twice as much work done as everyone else, but I'm erratic.
    I may work like crazy & get lots done in 3 hours, then I want to kick back & just "surf", to say that I dont sometime surf over to a little bit of xxx action would be a lie.
    This is a great job & I dont want to get fired.
    I've downloaded disk cleaning & internet privacy software that seems really good, I'm fairly certain my computer is clean. But I'm ignorant as to what exactly anyone looking could find if they searched the server.
    Is it tags?
    Is it address', what?
    Our office has 7 computers, networked and going through a server which "backs up" every day after we close. We dont have an IT department or anything like that. So if I look at some questionable sites & immediately after I finish & I run the "cleaner", am I still at risk of someone seeing what I looked at?
    I guess what Im asking is how does it all work?
    Is there a work around? Is there software out there that I could install that would prevent any of what I do from going to the server?
    What exactly can be retreieved from the server?
    is it just website addresses they see?
    What if I go to sites that don't have anything "descriptive" in the address, such as "www.flurl.com", where there are a lot of great vids, but in the address bar there's nothing but a bunch of non descript code...?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 4 Jun 2009 @ 9:15pm

      Re: HELP! I'm looking @ p*rn on company pc!

      Dude. I'm hoping you get caught.
      In order to access the internet, your connection goes THROUGH the company server. You don't have the admin rights to bypass the server so that you can continue to look at porn on the clock. You want to do it at home? that is your choice as long as it is not kiddie porn. You don't have permission to "clean" your access from the server. If your conscience is bothering you, have you considered just not surfing to the questionable sites? Your days are numbered...

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.