RE: Spy Software & Internet/Email Monitoring

["Trevor Cushen" <Trevor.Cushen () sysnet ie>]

******************************************************************************

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. 

If you have received this message in error please notify SYSNET Ltd., at
telephone no: +353-1-2983000 or postmaster () sysnet ie

******************************************************************************
Such as stalking laws, human rights to privacy laws etc etc, hard to
'spy' without breaking any laws really (yes/no?).
Yes he did say pirated copy by the way.  The BSA may be monitoring this
list!!!!! :)

Covert spying software just seems like a bad way to build a good working
relationship within a work place regardless of any laws.  Just try and
keep it secret that covert software is being used in any work place.
Once users become aware of that then you will have a lot more problems
then you thought you had before.

I think the legal side should be left with the legal people (my two
cents).  A list like this is great for advise and recommendation but I
urge people using the list to do more investigation when legal matters
come up before introducing spyware or any such solution, but that's just
another two cents from me.




-----Original Message-----
From: dave [mailto:dave () netmedic net] 
Sent: 15 April 2003 03:21
To: Trevor Cushen; security-basics () securityfocus com
Subject: RE: Spy Software & Internet/Email Monitoring


Did he say he installed a " a full pirated copy".....??????


Well the thing I wanted to say is you can spy on any one you want, as a
non- Law Enforcement Officer, as long as you do not break any laws doing
so.

But, whether or not any thing you see, hear, or record during this is
admissible in court is another story.

Dave

 
_____________________
Dave Kleiman
dave () netmedic net
www.netmedic.net

 


-----Original Message-----
From: Trevor Cushen [mailto:Trevor.Cushen () sysnet ie] 
Sent: Monday, April 14, 2003 05:08
To: security-basics () securityfocus com
Subject: RE: Spy Software & Internet/Email Monitoring

************************************************************************
****
**

This email and any files transmitted with it are confidential and
intended 
solely for the use of the individual or entity to whom they are
addressed. 

If you have received this message in error please notify SYSNET Ltd., at
telephone no: +353-1-2983000 or postmaster () sysnet ie

************************************************************************
****
**
It is very interesting that these two threads are running side by side
on the list.  I didn't note who sent the original post on the spyware
but anyway might have your boss look into the legalitites of spyware
software being used with employees.  They must be informed they are
being monitored is the jist of the other thread on monitoring.  The
phone home in the mail below this is not a happy thought either and
makes you wonder what right the software had to do that.  Must have a
look at the license agreement there!!!.  AppWatcher is another one which
produces screen shots etc and was shareware or freeware last time I
looked.  But these types of software are very intrusive and should be
handled with care.  What is your bosses plan of action if he finds 20
employees mis-using company resources two days after the software is
installed.  Disaster recovery and business continuity plans spring to
mind.  Has he a policy in place?.  Is HR aware of this monitoring?.  Are
the companies legal people aware of it and how to handle the information
in an unfair dismissal case? 
You have to install it on all workstations or else you could be accused
of discrimnating.

Anyway that's my two cents as the saying goes.

But I will point out that these two threads certainly show the value of
this list and long may it continue :)

Trevor Cushen


-----Original Message-----
From: Michael Parker [mailto:mparker () rim net] 
Sent: 11 April 2003 17:28
To: Richard Pachito; security-basics () securityfocus com
Subject: RE: Spy Software


I installed a full pirated copy of this one once for "evaluation
purposes".  Much to my surprise, even though I had entered a serial
number and opted not to register and specifically chose not to obtain
any upgrades or signatures, I received an email a day or so later that
the software was not a legal copy and to uninstall it.  Obviously the
software has some ability to "phone home".

I tried a few of these utilities and they are kinda scary...Blazing
Tools Perfect Key Logger and Iopus Starr Pro. Once I got that email I
uninstalled the software and went crazy getting software to detect any
further "Spyware".  The problem is now that some of the spyware uses
"Black Code" to prevent "spyware detectors" from working properly
(unfortunately I can't find the document that provided that info).

Regards,
Michael

-----Original Message-----
From: Richard Pachito [mailto:alpyha () prodigy net] 
Sent: April 10, 2003 7:35 PM
To: security-basics () securityfocus com
Subject: Spy Software


Hello, I administer workstations for a small company and the boss
recently asked me to isntall sofware called "Spector Pro".  It is a
'spy' utility that captures keystrokes, e-mails, instant-messages
(YIM,AIM,ICQ), and takes screen shots every X amount of time.

What I was wondering is how exactly does this program hide itself in the
system.  I've called their techs a few times to end with a repsonse of
'we are not authorized to disclose such information'.

The recorded data is saved in a C:\winnt\system32\netext\ folder but no
exec.  There is nothing unusual listed in Task Manager that would lead
me to the application running in the background.  Would anyone happen to
know how exactly this application works.  I believe a user would have
the right to know what is running on their system, and I'm kinda ticked
off that Spector Soft denys such information.


-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection. http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free
technical support. Stop SPAM before it stops you.
-------------------------------------------------------------------


-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection. http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free
technical support. Stop SPAM before it stops you.
-------------------------------------------------------------------


-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection. http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free
technical support. Stop SPAM before it stops you.
-------------------------------------------------------------------





-------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts.  The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches.  Deadline for the best rates is April 25.  Register today to
ensure your place.  www.blackhat.com
-------------------------------------------------------------------