Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
theKarlisK9258128dIf it's on a work issued computer and you have a signed agreement, which allows you to be monitored ... then sure. However, if they ask you to work remotely but don't issue the computer to work on and none of your employee-employer job contracts/legal agreements ever mention anything about monitoring your every move ... then that's malware and they aren't legally warranted demands/requirements.
-
theKarlisK9258128dOr heck, that's not even a warranted prerequisite for working remotely. There can, of course be exceptions, where one must work in a highly sensitive information, but even then, you just wouldn't be permitted to work with that outside of the designated work area.
-
netikras31709128dI agree with @theKarlisK, but I'd also like to add: it's a severe security risk.
In your BAU you'll probably be typing secrets (passwords, keys, etc.), and they will be all logged and accessible by someone to read. And potentially impersonate you in your workplace by using your secrets to log in as you and do things under your name.
If you gained access to that log repository, you could impersonate anyone in the company.
Before agreeing to this type of surveillance, I'd be cautious and discuss the above concern with mgmt. Also, I'd like a job agreement mentioning secrets being logged and mechanisms in place protecting my secrets from being misused when obtained from keylogger logs.
Also, are these logs cached locally, in the filesystem, potentially exposing them to any malware that may come across your work laptop?
IDK, it smells bad. I don't like it.
Also, it gives me a signal that an employer does not trust its employees. -
CoreFusionX1464128dFor me, not having admin on a development machine is a deal breaker, so if I had admin I don't give a fuck what spyware they include. It's getting faked/bypassed/deactivated.
-
daniel-wu435128dDumb employer is dumb. What's that gonna achieve? Is he going to reprimand you if you stop typing for five minutes?
Verdict: leave the dumb company -
lorentz12276128dForcing workers to install tracking or monitoring software on their own computers for security is never justified. In the sequence of precautions you take to improve security, issuing centrally controlled laptops comes before wiretapping.
-
lorentz12276128dIf they're doing it to verify working hours, then it's probably disproportionately invasive and as such illegal. A lot of countries have laws that limit employers (and clients, in the case of contract work) to security and monitoring procedures whose invasiveness is proportional to the value being protected. (I actually learned this from DevRant, but it was so long ago I wouldn't find it)
-
theKarlisK9258128dPretty much the only environment where I can see keyboard logging justified is prison.
-
lorentz12276128d@theKarlisK In prison, you'd record the display and not the keyboard. You don't care about the inmate's passwords, and you don't want that stuff to end up with your typical prison guard anyway. However, you do want to observe both sides of conversations if you're observing conversations anyway.
-
theKarlisK9258128d@netikras from a draconian, black&white, perfect world point of view based in the 90s when there was only phone, email and fax for business and work communications.. no personal stuff should be happening on the work PC and no sensitive info such as passwords should be input because everything and everyone is connected to Microshit Active Directory.
.. in the real world, in the 21st century, however, there's an ocean of communication channels and authentication interfaces. I can understand the batshit demand for it ... but clearly those who demand it don't understand the incurred risk costs and the potential fallout.
My personal opinion - if I was suddenly required to have surveillance software installed on my work-issued computer I wouldn't much care for it. In turn, I'd
1)find how to circumvent it
2)would take an equally draconian approach, such as no personal stuff on pc whatsoever & be available only during business hours - don't care if prod is down on Sunday, I'm back on monday -
theKarlisK9258128d@lorentz sure, key logging would be the least effective way of monitoring if just that was being done ... but in principle as a whole, I can't imagine it as a completely normal thing being rolled out anywhere else but in prison. Again, I can see it being a requirement, I just can't think of any situations where that would be practical in the 21st century.
At the same time, just because I can't think of any, doesn't mean they don't exist. -
LotsOfCaffeine4508128dmost definetly illegal here in Germany
and it should be everywhere
A Dutch court even deemed it a human rights violation
https://arstechnica.com/tech-policy... -
jazznoodler131128dI would always assume that monitoring is in place…it’s not a big deal unless you are prone to repeatably typing the word ‘cunt’ in every chat and email
-
NeatNerdPrime3152128dIllegal, retarded and shows company has no trust into its employees. There are way better less invasive ways to measure progress. Also such techniques are prone to security infractions. Imagine you type in the root password of your main production database, and the managers laptop is able to see that password... And that laptop has malware installed because said manager has zero notions of security mindfulness....
Imagine the damages that scenario may cause. -
Inxentas819110dSure.
For 5.000 a month on top of my salary I would be willing to sell my privacy on ONE of my devices.
DevRanters,
What's your take on your employer mandating keystroke monitoring software installed on your machine when you want to work remotely?
rant