You thought "Official Use Only" included porn? For real?
October 7, 2007 7:22 PM Subscribe
You thought "Official Use Only" included porn? For real?
I was entrusted with a laptop owned by the public sector (recent employer). I let a friend use the laptop to do writing work while his computer was broken. I deemed this acceptable because at no time did he have access to employer's VPN-protected data. However, it would appear that he downloaded pornography.
Should I go back first thing Monday morning to clean up all traces before they use it? (and if so, how?) Or should I come clean to recent employer about this possibly questionable unauthorized use? This would be very uncomfortable as I am looking for a new job with the same employer. However, if they are going to see evidence on the computer, I would much rather they know I lent the machine than have them believe I used their laptop to access pornography. It is quite possible that the laptop will never be closely examined, but I believe it is a possibility.
I discovered this just before I had to return the machine. I deleted cookies, temporary internet files, recent file lists, etc before I dropped it off, but I'm worried there may still be traces. In scanning through cookies, the only objectionable site I found was stileproject.com. The file names in the Windows Media Player recent list were not explicit, but googling revealed their content. I dropped the machine off already, but I know they won't so much as turn it on before sometime Monday.
Should I go back first thing Monday morning to clean up all traces before they use it? (and if so, how?) Or should I come clean to recent employer about this possibly questionable unauthorized use? This would be very uncomfortable as I am looking for a new job with the same employer. However, if they are going to see evidence on the computer, I would much rather they know I lent the machine than have them believe I used their laptop to access pornography. It is quite possible that the laptop will never be closely examined, but I believe it is a possibility.
I discovered this just before I had to return the machine. I deleted cookies, temporary internet files, recent file lists, etc before I dropped it off, but I'm worried there may still be traces. In scanning through cookies, the only objectionable site I found was stileproject.com. The file names in the Windows Media Player recent list were not explicit, but googling revealed their content. I dropped the machine off already, but I know they won't so much as turn it on before sometime Monday.
You could go back and double check, but the chances of this becoming a problem for you are slim. Do you really think this is the only time their company laptop was used for porn? The fact is, if they let you use this laptop while you held some kind of position with them, and now their assets team has taken it back because you are moving on, or no longer need it, they will most likely re-image the machine before handing it off to somebody else.
P.S. Tell your friend he is a dick.
posted by B(oYo)BIES at 7:28 PM on October 7, 2007
P.S. Tell your friend he is a dick.
posted by B(oYo)BIES at 7:28 PM on October 7, 2007
also: bitch out your friend.
posted by mrbill at 7:40 PM on October 7, 2007 [1 favorite]
posted by mrbill at 7:40 PM on October 7, 2007 [1 favorite]
Response by poster: How do you know your friend didn't download your address book or take copies of your personal files?
Because he did not have the VPN password. The only way to access data was through a secure VPN connection.
I should also note that I cannot be terminated, as my employment already ended on good terms. My goal is to maintain good terms.
posted by colgate at 7:41 PM on October 7, 2007
Because he did not have the VPN password. The only way to access data was through a secure VPN connection.
I should also note that I cannot be terminated, as my employment already ended on good terms. My goal is to maintain good terms.
posted by colgate at 7:41 PM on October 7, 2007
"My goal is to maintain good terms"
1. Do nothing, hope all works out well.
posted by B(oYo)BIES at 7:43 PM on October 7, 2007
1. Do nothing, hope all works out well.
posted by B(oYo)BIES at 7:43 PM on October 7, 2007
Get the machine for a few hours, wipe the disk, feign ignorance when asked about the machine no longer booting/etc.
Desktop support will re-image it before redeployment.
Tell your friend to sod off.
Or don't worry about it and still tell your friend to sod off, depending on the lazy in the IT staff it will be re-imaged and deployed or not re-imaged at all.
posted by iamabot at 7:45 PM on October 7, 2007
Desktop support will re-image it before redeployment.
Tell your friend to sod off.
Or don't worry about it and still tell your friend to sod off, depending on the lazy in the IT staff it will be re-imaged and deployed or not re-imaged at all.
posted by iamabot at 7:45 PM on October 7, 2007
then there's the possibility your friend visited a really bad site, the kind that loads malware...
and now, somebody at your office is unwittingly using the infected machine, and all the passwords are being transmitted to bulgarian hackers...
who will, before the sun comes up tomorrow, have pillaged your boss's checking and brokerage accounts, in addition to stealing the identities of some of the people your public employer serves...
who will, in turn, lawyer up and go on the warpath for your scalp...
what part of "official use only" couldn't you comprehend?
posted by bruce at 7:49 PM on October 7, 2007 [1 favorite]
and now, somebody at your office is unwittingly using the infected machine, and all the passwords are being transmitted to bulgarian hackers...
who will, before the sun comes up tomorrow, have pillaged your boss's checking and brokerage accounts, in addition to stealing the identities of some of the people your public employer serves...
who will, in turn, lawyer up and go on the warpath for your scalp...
what part of "official use only" couldn't you comprehend?
posted by bruce at 7:49 PM on October 7, 2007 [1 favorite]
I borrowed a work laptop once to do a presentation that involved opening an internet browser and demonstrating a couple different webpages, including google. The internet cache and auto-complete functions both showed signs of porn terms and urls.
As the unsuspecting user of this company laptop, I was totally livid that it had evidence of porn browsing on it. It was embarrassing and made me look really, REALLY bad in front of the small group I was speaking to.
We couldn't figure out who had used the laptop last, otherwise the person probably would have gotten fired.
If I was you, I would check out that exact laptop again in the morning, say that you saved some files to it you need to get and then clear the cache, cookies and temp internet files.
posted by pluckysparrow at 7:50 PM on October 7, 2007
As the unsuspecting user of this company laptop, I was totally livid that it had evidence of porn browsing on it. It was embarrassing and made me look really, REALLY bad in front of the small group I was speaking to.
We couldn't figure out who had used the laptop last, otherwise the person probably would have gotten fired.
If I was you, I would check out that exact laptop again in the morning, say that you saved some files to it you need to get and then clear the cache, cookies and temp internet files.
posted by pluckysparrow at 7:50 PM on October 7, 2007
Oh, just reread and saw that you already wiped the internet history.
Maybe wipe the thing down with antibacterial wipes so the next user doesn't get dried spunk on their hands?
posted by pluckysparrow at 7:54 PM on October 7, 2007 [1 favorite]
Maybe wipe the thing down with antibacterial wipes so the next user doesn't get dried spunk on their hands?
posted by pluckysparrow at 7:54 PM on October 7, 2007 [1 favorite]
The ethical thing to do is to tell them. Your friend was browsing porn sites, which means the chance of compromise is fairly high. The seamy underbelly of the web is full of exploits and malware. With what it's been used for, the IT group needs to know that their security may have been compromised. If you have typed the VPN password on that machine since you got it back, hackers may be into the company network.
You screwed up enormously by lending that machine out, and not telling them is putting your employer's data at risk.
At the very least, you need to wipe that drive completely. Use a Linux boot CD and wipe it with dd.
(
You also should be furious with your so-called friend.
posted by Malor at 8:00 PM on October 7, 2007 [2 favorites]
You screwed up enormously by lending that machine out, and not telling them is putting your employer's data at risk.
At the very least, you need to wipe that drive completely. Use a Linux boot CD and wipe it with dd.
(
dd if=/dev/zero of=/dev/hda bs=512)You also should be furious with your so-called friend.
posted by Malor at 8:00 PM on October 7, 2007 [2 favorites]
Telling your employer will risk the employer suspecting that you are covering up for yourself.
I remember reading an article in which a lawyer described being busted with porn on his computer --- and his convenient excuse was, "Oh, come to think of it, I do recall catching the janitor using the computer one night, but it never occurred to me that he was looking at porn." My response: yeah, right.
Going to your employer and telling them your friend downloaded porn will make the employer suspect that you looked at porn, then found out, "Oh shit, no matter what I do to cover my tracks, traces of porn will remain on the computer."
You have one choice, my friend: take a sledgehammer to that computer, deposit the pieces in fifteen different ghetto dumpsters like an inconvenient corpse, and swallow the couple grand it will take to replace a "lost" laptop. Any other course of action will risk you being labeled a one-handed websurfing skeeve, and one with poor judgment, to boot.
posted by jayder at 8:13 PM on October 7, 2007
I remember reading an article in which a lawyer described being busted with porn on his computer --- and his convenient excuse was, "Oh, come to think of it, I do recall catching the janitor using the computer one night, but it never occurred to me that he was looking at porn." My response: yeah, right.
Going to your employer and telling them your friend downloaded porn will make the employer suspect that you looked at porn, then found out, "Oh shit, no matter what I do to cover my tracks, traces of porn will remain on the computer."
You have one choice, my friend: take a sledgehammer to that computer, deposit the pieces in fifteen different ghetto dumpsters like an inconvenient corpse, and swallow the couple grand it will take to replace a "lost" laptop. Any other course of action will risk you being labeled a one-handed websurfing skeeve, and one with poor judgment, to boot.
posted by jayder at 8:13 PM on October 7, 2007
"Umm yeah...a friend of mine hopped on my laptop and downloaded porn. I really hate that this happened and I've told my friend to never, ever touch my laptop ever again. Can you please wipe this completely clean and make sure my dumbass friend's stupidity doesn't cause any problems on our network?This way you are covered. You do not need to say that he did it with your permission and you do not need to say that he did it without you knowledge, yet you look like a responsible employee taking care of a problem...at least for the most part. Of course, the fact that your friend got on it and downloaded porn shows some level of irresponsibility, but you do not need to make this worse than it is.
Also, please let me know how to properly password protect the laptop so that this sort of thing never happens again."
(speaking as someone who has been the IT staff asked to deal with similar situations)
posted by Kickstart70 at 8:17 PM on October 7, 2007 [3 favorites]
The issue is not that your friend viewed porn. You won't be terminated for that. You'll be terminated for allowing that laptop out of your possession.
Wipe the traces and you likely won't get flagged during an audit... unless you're selling space secrets to the Chinese.
IAAL who worked on these types of cases during an internship.
posted by Mr_Crazyhorse at 8:49 PM on October 7, 2007
Wipe the traces and you likely won't get flagged during an audit... unless you're selling space secrets to the Chinese.
IAAL who worked on these types of cases during an internship.
posted by Mr_Crazyhorse at 8:49 PM on October 7, 2007
If you're comfortable with the white lie, Kickstart70's got it.
posted by desuetude at 9:15 PM on October 7, 2007
posted by desuetude at 9:15 PM on October 7, 2007
Do a search for the file types that are common for images and videos: .jpg, .png, .gif, .wma, .wmv, .avi, .mpg, .mp4, .vob, and so forth. You might even want to consider deleting every single new file created since loaning the machine out.
Delete any files that were modified since you loaned the computer to your idiot friend. Go into the browser; you have deleted the history, but you should also delete the cookies, the cache, and the file cache.
You can delete the Windows Media history as well: http://support.microsoft.com/KB/243621
Then don't say a word to your employer. Anyone can get hit by malware in their regular day-to-day work access to the Web, so it wouldn't be particularly suspicious.
posted by ten pounds of inedita at 10:23 PM on October 7, 2007
Delete any files that were modified since you loaned the computer to your idiot friend. Go into the browser; you have deleted the history, but you should also delete the cookies, the cache, and the file cache.
You can delete the Windows Media history as well: http://support.microsoft.com/KB/243621
Then don't say a word to your employer. Anyone can get hit by malware in their regular day-to-day work access to the Web, so it wouldn't be particularly suspicious.
posted by ten pounds of inedita at 10:23 PM on October 7, 2007
Here's a question: which browser did your friend use? I understand, a company laptop, the chances that it was Firefox are pretty slim, but it's still possible. If it was Firefox, you don't have as much to worry about.
In any event, run Ad-Aware, run Spybot, run the best anti-virus you can find (I hear AVG is good), and don't worry about the left-over traces. Your company's IT team sees far worse on a regular basis.
And don't lend out your company laptop again.
(Or go with Kickstart70's scenario, and get them to wipe it.)
posted by Kwirq at 10:25 PM on October 7, 2007
In any event, run Ad-Aware, run Spybot, run the best anti-virus you can find (I hear AVG is good), and don't worry about the left-over traces. Your company's IT team sees far worse on a regular basis.
And don't lend out your company laptop again.
(Or go with Kickstart70's scenario, and get them to wipe it.)
posted by Kwirq at 10:25 PM on October 7, 2007
Two cents from the perspective of someone who works in Desktop Support at a medium sized company.
1. We see all kinds of stuff people's computers. As to what action will be taken if found will depend on the policies of your particular organisation and how strictly they are enforced. Also, it will depend on the discretion of the tech who finds it. I've found porn before on people's machines but I didn't report it, because the person had left or I just didn't have a bone to pick with them. Or because the person had just died (really, this happened).
2. As someone already pointed out, there's a good chance the machine will be re-imaged before redeployment. Sometimes though, it won't.
3. Having said that you'd have to be really unlucky for someone to uncover the tracks given the steps you've already taken. I found it hard to imagine why someone would go over the machine with a fine comb unless they're looking for something. The only way I can see you getting pinned is if the machine is not reimaged AND THEN somewhere down the line FOR SOME REASON the next user or Desktop guys decide to comb the machine AND find what you went to some lengths to erase. Odds of that? Three eighths of F.A.
4. The chances of spyware / malware being on the machine are not that high. Also, as someone pointed out, surfing porn sites is not the only way to get this nasty stuff on your machine.
5. Re unauthorised use of the machine - Do you guys have any idea how many people let their kids and friends play with their work machines here? This is common, albeit against policy.
My recommendation: The best option would be if you know someone in the IT dept that you think you can trust then have a quiet word with them to explain the situation, and have them reimage the computer.
Failing that, do nothing. If they come asking you about it, tell them the truth. Honestly, I've seen alot worse ... don't sweat it.
I should get back to work : ) Good luck
posted by Tsar Pushka at 11:23 PM on October 7, 2007
1. We see all kinds of stuff people's computers. As to what action will be taken if found will depend on the policies of your particular organisation and how strictly they are enforced. Also, it will depend on the discretion of the tech who finds it. I've found porn before on people's machines but I didn't report it, because the person had left or I just didn't have a bone to pick with them. Or because the person had just died (really, this happened).
2. As someone already pointed out, there's a good chance the machine will be re-imaged before redeployment. Sometimes though, it won't.
3. Having said that you'd have to be really unlucky for someone to uncover the tracks given the steps you've already taken. I found it hard to imagine why someone would go over the machine with a fine comb unless they're looking for something. The only way I can see you getting pinned is if the machine is not reimaged AND THEN somewhere down the line FOR SOME REASON the next user or Desktop guys decide to comb the machine AND find what you went to some lengths to erase. Odds of that? Three eighths of F.A.
4. The chances of spyware / malware being on the machine are not that high. Also, as someone pointed out, surfing porn sites is not the only way to get this nasty stuff on your machine.
5. Re unauthorised use of the machine - Do you guys have any idea how many people let their kids and friends play with their work machines here? This is common, albeit against policy.
My recommendation: The best option would be if you know someone in the IT dept that you think you can trust then have a quiet word with them to explain the situation, and have them reimage the computer.
Failing that, do nothing. If they come asking you about it, tell them the truth. Honestly, I've seen alot worse ... don't sweat it.
I should get back to work : ) Good luck
posted by Tsar Pushka at 11:23 PM on October 7, 2007
My recommendation: The best option would be if you know someone in the IT dept that you think you can trust then have a quiet word with them to explain the situation, and have them reimage the computer.
Agreed. Also, this is why you should always labor to be on good terms with the people in IT.
If that's not an option, or you don't know/trust anyone in IT that you think will just laugh at you and re-image the machine quietly, just scrub it yourself. I don't see how there's any real value in pulling career seppuku over this, which is what self-reporting is going to be. You didn't compromise security, you just did something stupid, and you learned your lesson. Throwing yourself into the whirling gears of Corporate Procedure isn't going to solve anything further.
Just don't do it again, and give your friend the full on “WTF, dude” talk, because he needs it.
posted by Kadin2048 at 11:36 PM on October 7, 2007
Agreed. Also, this is why you should always labor to be on good terms with the people in IT.
If that's not an option, or you don't know/trust anyone in IT that you think will just laugh at you and re-image the machine quietly, just scrub it yourself. I don't see how there's any real value in pulling career seppuku over this, which is what self-reporting is going to be. You didn't compromise security, you just did something stupid, and you learned your lesson. Throwing yourself into the whirling gears of Corporate Procedure isn't going to solve anything further.
Just don't do it again, and give your friend the full on “WTF, dude” talk, because he needs it.
posted by Kadin2048 at 11:36 PM on October 7, 2007
Oh and as suggested, punch your thick friend
posted by Tsar Pushka at 11:37 PM on October 7, 2007
posted by Tsar Pushka at 11:37 PM on October 7, 2007
This thread is closed to new comments.
posted by spec80 at 7:28 PM on October 7, 2007