Posts by ThunderCougarFalconBird

One of the first things I tell all new hires to the department I work in in IT is "CYA" "Cover your A**"

I explain it to them like this.

Nobody is watching out for you. Nobody's going to hold your hand and guide you to do the right thing. Nobody's going to stick up for you if it means that the blame will fall on them. This is just human nature. It's unfortunate, but true. With this in mind. make sure that you always take copious notes and screnshots and have these things handy in case you're called on to "clarify" something. Because it's not "If" something happens...it's "WHEN!" And if the other person is hemming and hawing because they don't have the information readily available and you pull up document after document of supporting evidence at a moment's notice, it adds to your credibility.

CYA. It's your "A", it's your duty to protect it!

Legal in England or not?

Is recording employees in the bathroom legal? I know in the USA, it's illegal to record an employee when there's an expectation of privacy.

This can create an unwanted precedent. It is possible to push files to someone's device due to the web caching function all browsers utilize. There's an HTML technique that allows a website to pre-load images in preparation to display in a later page. Or not at all. I was able to push images to people's computers just by getting them to go to a survey page I set up. While they were filling out the survey, I was dumping hundreds of questionable images from the site "Stile project" on to their computers. Then I asked them if they had any NSFW images on their computers, they adamantly said no. I then went to the cache and pulled out all the images I loaded onto their computers.

If you have someone you want to get in trouble, then you can do the same thing with this silly Apply scan. The bad part is that with my method, any human looking at where the image is located (the web cache) would be acutely aware that this was pushed to the device without the user's knowledge...but a machine has no such consideration. Machines just do. they don't think. This can be a real problem

The company I work for does stuff like this regularly. If you get a phishing email an *DO NOT* report it to security, then that's a demerit. If you open the email and click on any of the links in the email, that's a demerit. If you expose any secure information like passwords or confidential information or documents, that's a demerit. You are only allowed 3 demerits (a 3 strikes rule) After your 3rd demerit, you are escorted out of the building. I only know of one employee where this happened to them. I was working with her on an issue and I said I'll send a test email. She asked not to because she was already at 2 demerits and as a result, she doesn't open emails anymore...well, a week went by and I saw her out in the parking lot with a box of her stuff. She later told me she had gotten her 3rd strike that day and was gone! Oh well...