back to article Staff sacked after security sees 'suspect surfer' script of shame

As your Vultures are off fighting over the remains of the Christmas dinner, we've lined up a feast of a different nature: a bonus instalment of Who, Me? This week, we hear from reader José, who wrote in to tell us how a prank led to some of his former colleagues getting their marching orders. It was back in the late '90s, and …

Page:

  1. _LC_ Silver badge
    Thumb Down

    What a cunt!

    Didn't we take in anything from history classes?

    1. A.P. Veening Silver badge

      Re: What a cunt!

      This is the history you should learn from.

    2. The Man Who Fell To Earth Silver badge
      Black Helicopters

      Re: What a cunt!

      Lesson #1: Never let your phone use your workplace WiFi.

      Lesson #2: Do you private surfing at work on your phone.

      1. A.P. Veening Silver badge

        Re: What a cunt!

        While excellent advice in the present, it would have been a bit hard to do at the time of the story (somewhere in the '90s, before the first smart phone was even invented).

        1. BillG
          Facepalm

          Workplace Darwin Awards?

          Even in the 90's, wouldn't be common freakin' sense to not surf dodgy websites at work? From the very first time my workplace computer had internet access (1995?) my co-workers and I knew enough not to surf anything we knew we didn't want management to see.

          Appropriate icon chosen.

          1. Anonymous Coward
            Anonymous Coward

            Re: Workplace Darwin Awards?

            "Even in the 90's, wouldn't be common freakin' sense to not surf dodgy websites at work? "

            About that time there was a popular search engine called hotbot.com. There was the occasional call to the firewall team to explain that the caller had accidentally hit "Y" instead of the adjacent "T" - and hadn't noticed the typo until the HotBoy site responded..

            1. Chris King

              Re: Workplace Darwin Awards?

              Boyzone.com was another one that caused some hiliarity - some of the students would hit it instead of the boy-band's URL, and get more in the way of flesh tones than they were expecting. I even had a couple dob themselves in for making the mistake, I toild them not to worry about it but don't make a habit of visiting regularly because other students would just point and laugh at them.

              I had a similar experience once, just by missing out a hyphen.

            2. Anonymous Coward
              Anonymous Coward

              Re: Workplace Darwin Awards?

              "hotbot.com .... the caller had accidentally hit "Y" instead of the adjacent "T" - and hadn't noticed the typo until the HotBoy site responded.."

              I know a guy who, many years ago, took his kids to Disneyworld and the Epcot Centre, where they had a futuristic display of 'high speed internet' (probably just a T1) complete with large screen displays that you could use to surf the net. He decided to show off by accessing his investment account back in the UK, something like 'moneymaker.co.uk', but typed '.com' instead... unfortunately the dotcom turned out to be a version of Paypal for the porn industry... "COVER THEIR EYES!!... WHERE'S THE OFF SWITCH?..."

          2. Anonymous Coward
            Anonymous Coward

            "wouldn't be common freakin' sense to not surf dodgy websites at work?"

            Actually, I believe many people who don't know what a proxy is think:

            1) Surfing dodgy websites at work is cheaper (especially in the 1990s when you might not have had always on and flat fee "broadband" connections

            2) (In the 1990s) It is faster than my 56K connection

            3) My partner/family won't discover my habits

            In a company I was working for in those years, we found a tester that spend most of his time collecting dodgy downloads, instead of testing our software. He was actually fired because he faked test results, it was much simpler, and it didn't invade his privacy <G>

            Common sense most of the time loses when greed and hypocrisy take control of someone.

            1. Anonymous Coward
              Anonymous Coward

              Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

              And some staff had years of experience not getting caught.

              A London council decided they needed better workplace compliance tools at round the turn of the century after one of their staff was caught looking at pornographic images in an unusual manner. He printed them. And phoned the help desk to ask for assistance when they didn’t print out. And the help desk sent a poor techie to assist...

              1. IceC0ld Silver badge

                Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                A London council decided they needed better workplace compliance tools at round the turn of the century

                ===

                THE CENTURY ................ WTAF

                I feel so old now

                in work, it's Boxing day, and up until NOW, LAST CENTURY was the feckin VICTORIANS ffs :o)

                anyhow, I will need a strong lie down in the morning to get over this latest old age revelation :oP

                1. Doctor Syntax Silver badge

                  Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                  "I feel so old now"

                  You should worry. We had the extended family round last night. Ignoring one cousin who's a great deal older than the rest of use we realised that the first of our [i.e. cousins'] children has now reached 50. That really was frightening.

              2. Ommerson

                Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                If you are an avid reader of Private Eye's Rotten Boroughs column you'll know that it's not council officers who are getting in trouble for poor network hygiene, but the councillors themselves. You can well imagine that the average councillor is not very literate technically, gets given a council device, and has the opportunity to visit the darker parts of the internet they wouldn't dare visit at home lest their husband/wife found out.

            2. Mark 85 Silver badge

              Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

              We had one of those that didn't get fired for several years. He was the "canary" in the mine sort of. His browsing records were examined daily and new sites added to the block list. At some point he figured out to get around the block list it so IT watched and figured out how he did it and reworked the firewall. Finally layoff time came around and he was the first to go. The security department sent him a box of candy with a "thanks for all your help" note. I kind of doubt that he understood the gift.

            3. Ian Michael Gumby
              Boffin

              @AC Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

              First, in the early 1990s only an uber geek would have a switched 56KB leased line which in the states was around $400.00 a month.

              Then there was this thing called USENET so you really didn't have to go to dodgy web sites to surf. The stuff came to you if you had the disk space to hold some of the alt.binaries. groups.

              So your 'family' would never find your 'surfing habits'.

              Of course things advanced quite a bit in the late 90's. I didn't get my domain until '94 because I couldn't afford it before then including the rack for the servers.

              Sorry, no pity.

              1. jake Silver badge

                Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                As early as the early 1980s, Internet bandwidth getting maxed out always meant porn. Back then it was bunnies on USENET and open FTP servers. Prior to that, Fidonet and other BBSes had the same problem. Indeed, a case could be made that it was porn, and not gaming or gambling, that drove connectivity.

                I know for an absolute fact that EVERY male college student's computer that I've worked on over the last 35 years or so has contained traces of porn. The coeds didn't start picking up on Internet porn in college until around a 20 years ago ... and now, they are equal to the boys.

                In business, over the last quarter century or so, probably 80% (or thereabouts) of all male middle management PCs contain traces of Internet porn (in my experience). The ladies started surfing porn around 15 years ago, and are now (roughly) equal to the men. Obviously, those stats are in companies without cluefull network administration.

                Not trying to justify it, nor vilify it, and likewise not drawing conclusions, just stating my observations. Do with them what you will.

                1. Nick Kew

                  Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                  As early as the early 1980s, Internet bandwidth getting maxed out always meant porn.

                  1980s porn being ASCII porn. As in (.) (.) . If you mean anything more ambitious, I'll refer you to this from my blog.

                  I guess you never worked in a data-heavy environment.

                  First web server I set up for $work was about access to satellite image data. The expectation was that clients would order the actual data on tape[1], but I convinced management to allow limited online actual download. The limit was eventually set to 10Mb, for those whose line would hold up for the very long time that would take.

                  [1] The fact they could use a nice WWW GUI including an applet to select a dataset from an interactive and zoomable map display was radical for the time. A few years later ('96 or '97) Java applets arrived and some of that capability migrated to clientside.

                  1. jake Silver badge

                    Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                    No, Nick, we had real pornographic computer images in the late 1970s. Not very good images, mind, but they existed. It was crude technology, but it worked. How crude? Look up CROMEMCO's Cyclops and Dazzler (1975). Things rapidly improved from there (how could they not?), and by the mid 1980s .tga made it's appearance ... As did SGI. And trust me, as soon as bit-mapped displays showed up, there was porn on them. It would seem to be human nature.

                    The Great Renaming (1987) was arguably brought about partially because of the binaries that were being posted at random all over USENET. As a guy who ran a news farm back then, I can assure you that most of said binaries had been porn since roughly late 1982.

                    Data heavy? Does SLAC count? How about Bigger Blue? We could see a spike in traffic when someone was eyeballing porn, even in the old days. Maybe especially in the old days, when practically every byte of connectivity had to be accounted for.

                    1. MCMLXV

                      Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                      Fuck me, but you're such a self-centred twat, jake. Almost every sentence, every pronouncement begins with I: I have, I owned, I used, I'm the boss of, etc. et ad nauseam. I remember you recommending "wild-caught yeast" for a recipe. Wild-caught feckin yeast? To an audience of techies who mostly llive in massive conurbations? If I remember right, you live in Sonoma. I don't know how the "no" sneaked in.

                      1. jake Silver badge

                        Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                        So, MCMLXV, I'm a self-centered twat for commenting on topic, relating life experience from a few dozen years in IT? Presumably, all the other ElReg commentards who have similarly commented in this thread are also self-centered twats? That's a mighty wide brush you tar with, pardner.

                        And what's wrong with wild-caught yeast? I've caught yeast in London (city of), Manhattan and Toronto. They all make good bread, with slightly different rise times, flavo(u)rs and textures. You have an issue with that? Maybe you should try learning to bake bread (as many of the techies here profess to do!), you might discover you enjoy sharing the fruits of your labo(u)rs with your nearest & dearest. Much better than finding fault with a meaningless poster on an obscure Internet forum, no?

                        Not sure what the name of a town that existed over 100 years before I was born has to do with your rant. But I'm sure you can elucidate. Perhaps without the ad-hom this time?

                        Hint: Search on "wild caught yeast" in the search engine of your choice. Yes, it even works in your favo(u)rite massive conurbation.

                  2. heyrick Silver badge

                    Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                    " you mean anything more ambitious, I'll refer you to this from my blog"

                    You might have had a point had you said you'd not inadvertently stumbled into kiddie porn, however adult porn is everywhere.

                    Google "cute Japanese girl" because you're looking for a nice backdrop. The top set of links is from a site called pornhub. Switch to image list and it's fifty-fifty as to whether or not the girl pictured is in underwear, or less. Evidently "cute" has a different meaning online. But then there is also the infamous "rule 34" to consider. Porn is everywhere.

                    It was like this a decade ago, it's like this now, it'll be like this a decade from now...

                    1. Jtom

                      Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                      I was researching for new voice platforms for advanced services (or so they were back then) for a telco. I put the obvious words in a search engine: telephone platform voice services price. An amazing number of porn sites came up (“platform shoes”, “sultry voice”, “telephone sex”, services and price (no explanation needed)). Scared to death that I would be accused of porn surfing. Learned quickly to include a few highly technical terms.

                2. phuzz Silver badge

                  Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                  I've been told the tale of a sysadmin at a particular university, who would take advantage of their JANET connection to download effectively all of the new images on Usenet daily, and would archive to tape to take home.

                  No points for guessing what sorts of images.

                3. Alan Brown Silver badge

                  Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                  "The ladies started surfing porn around 15 years ago, and are now (roughly) equal to the men. Obviously, those stats are in companies without cluefull network administration."

                  FWIW, when I did time in a video rental store (remember those?), women were by far the more prolific hirers of porn, usually hitting the weird hardcore and gay male porn harder than men hit the lesbian stuff.

                  That's about when I realised that there's little difference between the sexes, confirmed a couple years later when one of my cow-orkers started complaining about his daughters (plural) watching hardcore gay porn on the family widescreen TV and him being confronted with this as he walked in the front door. (Still back in VHS days). GoatSe images appeared a long time before the Internet.

                4. John Smith 19 Gold badge
                  Coat

                  The ladies started surfing porn around 15 years ago, and are now (roughly) equal to the men.

                  Equality.

                  It's not just for the good things of human nature, like pay.

              2. Nick Kew

                Re: @AC "wouldn't be common freakin' sense to not surf dodgy websites at work?"

                Then there was this thing called USENET so you really didn't have to go to dodgy web sites to surf.

                Damn, I've led a sheltered life. Never encountered usenet binaries: they were one of those mythical things.

            4. Nick Kew

              Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

              2) (In the 1990s) It is faster than my 56K connection

              You've led a sheltered life there.

              56K? Pah. I was lucky to get 56 bytes. Per minute, at work, and home was little better.

            5. GruntyMcPugh Silver badge

              Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

              You'd think,... but in the late 90s I worked for an ISP, and we had a large, open plan call centre. So one member of call centre staff is caught watching porn. Not just any porn though, apparently it was several males in bondage gear and one well endowed blonde lady.

              So my colleague had to print off the offending image for HR to use in the offender's dismissal. He'd just fixed a printing problem for the Chief Exec, so his default printer was in his boss's boss's boss's office. Dwarf porn plopped out in the corner office. Lucky, boss man was in a meeting elsewhere.

          3. Anonymous Coward
            Anonymous Coward

            Re: Workplace Darwin Awards?

            My boss has a letter from HR explicitly giving him permission to surf dodgy stuff at work(this was from the days of having a Web portal and permission was never rescinded). He keeps muttering about getting it framed.

            I've also had 3 different managers permission to look at such pages when chasing down a script hijacking.

            Fun times all round.

            and the lesson from all this? Get HRs permission first...

          4. Muscleguy Silver badge

            Re: Workplace Darwin Awards?

            Scene: a 4 desk office of Biology lab space around 2000ish. I was, honest guv, genuinely seeking more up to date figures on variations in muscle anatomy in humans than contained in the lab's very ancient copy of Grey's Anatomy (the anatomy tome, not the later cop show). I put 'Human Anatomy' into a search engine and clicked a likely looking link and my browser was suddenly filled with multiplying pages of PRON!

            Fortunately I was alone in the office at the time and none of my female officemates was there. I hurriedly reached under the desk and hit the power button on my G4 power mac. A close run thing.

            Though I did have a colleague in mid 90s who was fond of looking up humans and animals doing naughty things in the middle of the lab. He's probably a Consultant in a hospital near you about now.

          5. Anonymous Coward
            Anonymous Coward

            Re: Workplace Darwin Awards?

            Whilst you would think so, the logs often showed this not to be the case. Shortly after we compiled the first anonymised list of inappropriate web access in 1995 we got an email from the CEO of our international bank explaining how he "accidently" clicked on a "dodgy" link from a friend while showing the female head of HR "how the internet worked". After a few clicks apparently she advised him it would be best not to go further. How convenient to have the head of employee relations there to confirm that it all was a genuine accident. Fortunately for him it didn't impact his financial career or subsequent high political office.

          6. 's water music Silver badge
            Gimp

            Re: Workplace Darwin Awards?

            In a large professional services firm sometime in the 00s I worked in a team that turned on SMS inventory collection of shortcuts. This included browser Favourites for IE. We turned that off again pretty quickly.

        2. Anonymous Coward
          Anonymous Coward

          Whatever Happened to WAP?

          @A.P. Veening; Weeellll... if you want to be pedantic, the article says this happened "back in the late '90s", and both the first WAP phone and site came out in late 1999.

          So it's technically possible they could have been browsing smutty Internet web sites (well, WAP sites anyway) in "glorious" (cough) WAP text.

          But now that I think of it, they wouldn't have been doing so through their employer's WiFi- if they'd had WiFi at all, which they probably didn't back then, so that torpedoes my smartassery.

          As does the fact I don't think anyone ever actually used WAP when they realised that "the Internet on your phone" back then was less "Hackers"-style zooming through cyberspace and more being limited to a paltry number of specially-designed WAP sites you read through five lines at a time and attempted to navigate via an SMS-style numeric keypad while you paid through the nose for a per-minute connection.

          You're right- that would have been pretty hard. And unpleasant. And unlikely.

          1. Jamie Jones Silver badge

            Re: Whatever Happened to WAP?

            Nokia Communicators predated WAP, and had "full" graphic browsing support, as I used to smugly mention to anyone that laughed at one of my bricks.

            https://en.m.wikipedia.org/wiki/Nokia_9000_Communicator#9110

      2. arctic_haze

        Re: What a cunt!

        I would fuse Lesson #1 and #2 into "No private surfing at work" but I would sound like a very anal person. The only reason it works with me is I actually have no time for that. I dread the day by boss realizes I practically never sit down behind my desk but rather spend time talking to people (this is how I do management tasks). He could have tried to save some space and money on my office :)

      3. Criggie

        Re: What a cunt!

        lesson #3 - Never use your personal accounts on work machines, nor your work accounts on personal machines. Else Synching might bring over your web history which then looks like you're doing home stuff on work time.

    3. Ian Michael Gumby
      Devil

      @_LC_ Re: What a cunt!

      I wouldn't say that...

      If anything it was the person who called in the auditors and of course before they fired anyone they needed to have a policy in place forbidding the surfing of questionable sites.

      If you think this is bad, my friend worked as part of an exchange's in house counsel and some of the stuff traders used to do would make even a salty sailor blush. And they got to keep their jobs and in some cases seats on the exchange. We'd hear about it at happy hour, of course names omitted to protect the guilty.

      Sorry, but if you were dumb enough to surf for porn on company time and equipment, you deserved it.

      For the rest of us... there was USENET.

      1. jake Silver badge

        Re: @_LC_ What a cunt!

        "Sorry, but if you were dumb enough to surf for porn on company time and equipment, you deserved it."

        Correct. You're supposed to be working at work, not wanking. Frankly, I'm really surprised that all the commentardary here on ElReg grinds to a halt over the weekend ... until London wakes up again on Monday morning, which makes me suspect most of you are posting from work! Do all y'all's bosses know how much company time you fritter away here on ElReg?

        "For the rest of us... there was USENET."

        Still is. But you'll cause a spike in traffic anyway. And I'll fire your ass if you try it on my watch.

  2. malle-herbert
    Coat

    And that's why...

    Using HTTPS everywhere is a good idea....

    1. Dwarf Silver badge

      Re: And that's why...

      using https won't make the proxy logs safe, it still contains the full URL

      1. John Miles

        Re: using https won't make the proxy logs safe,

        Especially when the Proxy man in the middles you - which is what happens where I work, with a few exceptions (e.g. Amazon & Bank websites) the certificate is related to the proxy not the one issued to the site.

        1. Alan Brown Silver badge

          Re: using https won't make the proxy logs safe,

          "Especially when the Proxy man in the middles you"

          Which is why most browsers these days flag up 12 foot high warnings that the certificate doesn't match the site.

          1. John Miles

            Re: warnings that the certificate doesn't match the site.

            Not if they have updated the browser to trust the internal certificate authorit's root certificate - it doesn't even complain for sites like Google (use a browser without their interference and it will tell you untrusted)

      2. tomgreenwood

        Re: And that's why...

        For HTTPS connections, the proxy logs won't have the full URL, they will just have the domain part of the URL. So they know what site you've been on but not what you were looking at.

        Maybe they can infer from the size of the download whether you were watching normal porn or midget porn. Finally, a potential use case for machine learning.

        "I was just checking out the head office address so I could send them a large thank you package." seems reasonable enough.

    2. 45RPM

      Re: And that's why...

      Nope - that’s why VPN to your own private VPN server is a good idea.

      1. Anonymous Coward
        Anonymous Coward

        Re: And that's why...

        We MITM all HTTPS traffic. And a VPN to private VPN server would need heavy tinkering to work.

        Both are easy to implement.

        1. StargateSg7 Bronze badge

          Re: And that's why...

          This is why I like to use my OWN encryption to my multiple outside servers so even IF they use a Man-in-the-Middle server, all they see is a destination server which changes every few seconds AND has encrypted-packet-within-a-packet infrastructure I developed myself. Works like a charm!

          All they see is encrypted data inside each packet which contains my PERSONALLY-DESIGNED IP-V7 designed packet structure which changes encrypt codes literally every few seconds and reroutes my packets to the appropriate destination! It also helps to have a custom developed web browser which can support such advanced proxy surfing and packet-within-a-packet infrastructure!

          1. Anonymous Coward
            Anonymous Coward

            Re: And that's why...

            Jesus, is it so hard to just get on with some work instead?

          2. Anonymous Coward
            Anonymous Coward

            Re: And that's why...

            Did you add your own random number generator to the pool too? You know, to make the random "more random"?

          3. Anonymous Coward
            Anonymous Coward

            Re: And that's why...

            sarcasm, right?

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020