[HN Gopher] Amazon will monitor workers' keystrokes to 'combat d...
___________________________________________________________________
Amazon will monitor workers' keystrokes to 'combat data theft'
Author : stereoradonc
Score : 228 points
Date : 2021-08-14 02:06 UTC (20 hours ago)
(HTM) web link (www.inputmag.com)
(TXT) w3m dump (www.inputmag.com)
| bserge wrote:
| I've never worked for Amazon and have even avoided them because
| of news like this.
|
| However, now I wonder if it's all overblown, just like other shit
| in the media.
|
| Surely, no one in their right mind would work in such conditions.
| It could be decent or at least acceptable.
|
| Wonder how it compares to a small company where your manager
| watches everything you do and yells at you for a typo.
| edoceo wrote:
| I'm manager at a small company. We don't have time for that
| shit.
| taurath wrote:
| Simple, they pay a little more. The problem is they're running
| out of people to churn through they get rid of people so fast
| nly wrote:
| I know a small company CEO who had Internet connected CCTV,
| complete with audio, installed in the office following a break-
| in and theft.
|
| His COO later stopped taking meetings in the office because the
| CEO would sometimes sit and watch and listen in to the office
| from home.
| rainhacker wrote:
| Amazon does not provide a company phone. Employees install paging
| app on their personal phones. I wonder how closely they monitor
| activities on phones of their employees.
| acomjean wrote:
| When I was at university, they implemented a register for classes
| by phone system in the early 90s. (How things were done before
| computers...)
|
| I remember being in the bursars office and someone was
| complaining that they registered for a class and it didn't show
| up. The woman working there spun her screen around and said "here
| are all you keypresses from last week, you clearly didn't
| register." Now with so much more computing power/networking and
| storage everything is stored..but I wonder if they'll ever look?
|
| Makes a great target for hackers though.
| barbarbar wrote:
| It is a fantastic idea. Next step will be wires on the head and
| some ai to guess what each worker is thinking. And fire those
| with non compliant thoughts must go. What a wonderful company /s
| OrvalWintermute wrote:
| Today it is to 'combat data theft', tomorrow it will be like
| Amazon fufillment centers in the Call Center no time to take a
| potty break. Let's hope we don't hear about the pee jugs there
| too.....
|
| https://www.dailydot.com/debug/amazon-workers-pee-bottle/
| MrStonedOne wrote:
| a good chunk of CSAs are remote.
| newscracker wrote:
| It doesn't matter that CSAs are working remote. There are
| monitoring solutions for those too.
|
| Here's a recent report on one of the companies that counts
| Apple as its customer monitoring employees by video. [1]
| Apple in this instance responded that it prohibits such
| monitoring.
|
| [1]: https://www.macrumors.com/2021/08/09/workers-complain-
| about-...
| [deleted]
| fieldcny wrote:
| Hate to break it to you, but every large companies call centers
| are already like this.
|
| There's an entire suite of software companies that have been
| building this stuff for twenty years, companies like Verint.
| kamaal wrote:
| >>tomorrow it will be like Amazon fufillment centers in the
| Call Center no time to take a potty break
|
| That's already two decades back.
|
| I remember back when I started out in the 2000s. I worked at a
| call center here in Bangalore. The breaks were one 35
| mins(lunch), three 15m breaks spread over the shift, which most
| people took to use rest rooms. Many times you need to call the
| floor manager, and they turn it down. You need to hold your
| rest room emergency until they let you go to the toilet for 15
| minutes. You got penalised if you over shot the 15m rest room
| break.
|
| They even had metrics like resolve rate, calls per day,
| escalation count, data collection metrics(if you made 3
| mistakes entering the user email, you were fired) etc etc.
| [deleted]
| comeonseriously wrote:
| Why not their IT department also? And management?
|
| Why are companies like Amazon constantly kicking the shit out of
| the lowest paid employees!?
| porknubbins wrote:
| I've seen this kind of thing a lot. Two reasons this always
| happens to the lowest ranked. First because they can- these
| jobs are largely easily replaceable so even if the workers
| resist they will be quickly replaced by someone who can be
| pushed around. Second because people constantly come and go
| from these jobs they tend to attract some bad apples so there
| is some need to monitor them more closely.
| spaetzleesser wrote:
| Modern management believes that the lower ranks need the whip
| while upper ranks need the carrot to get motivated. It's the
| same as people are getting nervous about inflation when lower
| wages are rising but not when the top 1% incomes are going up.
| dragonwriter wrote:
| > Modern management believes that the lower ranks need the
| whip while upper ranks need the carrot to get motivated
|
| For some in the upper ranks, applying the whip to lower ranks
| _is_ the carrot.
| [deleted]
| thaumasiotes wrote:
| > It's the same as people are getting nervous about inflation
| when lower wages are rising but not when the top 1% incomes
| are going up.
|
| Not really. Which do you think is a larger increase in total
| income?
|
| - Bottom 50% of all wages increase by 5%
|
| - Top 1% of all wages increase by 20%
| random314 wrote:
| Average top 1%ile income 1.7M USD. 20% increase = 340K.
|
| Average Bottom 50%ile wage = 46K USD. 5% increase = 2.3K
| Multiply by 50 = 115K
|
| So the 20% increase in top 1%ile represents a 3X increase
| in total income when compared with bottom 50%ile.
| thaumasiotes wrote:
| I'm willing to believe this, but I want to be clear -
| you've marked an average bottom 50% wage and an average
| top 1% income. Is that top 1% wage income or all income?
| fennecfoxen wrote:
| > people are getting nervous about inflation when lower wages
| are rising
|
| Our current wage growth of ~3% combined with inflation of ~5%
| means that _real wages have been falling_ at about 2%.
|
| https://www.cnbc.com/2021/07/27/wages-are-rising-but-has-
| inf...
|
| The WSJ added:
|
| > Average weekly earnings since January are up $15.59, but
| with inflation surging to levels not seen since the early
| 1980s, real weekly wages are down $8.99, the largest real-
| dollar drop in wages since Bureau of Labor Statistics data
| were first collected in 2006. By comparison, real wages have
| fallen more in the past seven months than they rose in the
| final 27 months of the Obama presidency.
|
| https://www.wsj.com/articles/inflation-government-
| spending-w...
|
| Check out the BLS (bls.gov) for the latest data and hope it
| doesn't get worse.
| awsthro00945 wrote:
| The purpose of the monitoring is to prevent data theft, and is
| specifically for customer service associates. Customer service
| associates have access to sensitive customer data that even
| management or IT employees do not have.
| chadcmulligan wrote:
| Amazon's slogan - "creating the worker's dystopia - today!"
|
| stopped buying from them a long time ago, I encourage everyone
| else to do the same.
| pas wrote:
| Are any other call centers significantly better?
| JCharante wrote:
| My highschool job was working at a call center for resort &
| hotel reservations (big range from $40/night to $9000/night).
| I loved that job and soon got promoted to train new agents.
|
| Hung out chit chatting with management and reading books /
| creating static websites with Notepad++ (no outside software
| allowed) when the call volume wasn't too high.
|
| Googling "pac man" yields the pac man doodle, which I played
| so much (google obviously wasn't blocked but a lot of sites
| were).
| ramesh31 wrote:
| Not a big deal really. I know that I already treat all work
| devices as if they were keylogged anyways.
| quantified wrote:
| Looks this was being downvoted. Probably for the "Not a big
| deal really", possible tone of saying "we should accept
| micromanaging distrust", and the behavior monitoring of drivers
| and warehouse workers is dystopian, this could well go that
| direction.
|
| However, if you're working at an employer-provided work device,
| your practice is a wise one.
| mithusingh32 wrote:
| If your company uses teams....you already have a keylogger
| installed in your machine.
|
| The moment I discovered this, I stopped using teams to talk to my
| manager/teammates about my frustrations or concerns. I ask them
| to speak on the phone or face to face.
| easton wrote:
| How does Teams log anything more than any other piece of
| software with compliance functionality?
| Lio wrote:
| When I was younger I used to think I wasn't good enough to work
| for a FAANG company and so avoided all the unpleasant interviews
| with them.
|
| Whilst that's probably still true, I now also wouldn't want to
| work somewhere like that if the "prize" for being accepted is to
| be treated like a machine or worse.
|
| Being a contractor seems like a much more honest bargain. You pay
| me and I make something for you.
|
| How I do that is my business as long as it meets the spec.
| tpmx wrote:
| Is it that grueling to interview for a customer service job at
| Amazon?
| talmr wrote:
| I used to care about that too until I got enough money (not a
| TON, but enough to put my worries aside for 5-10 years) from
| equity working at a smaller company.
|
| Now I'd rather keep a simple job and work on side projects that
| interest me than working at a FAANG.
| Lio wrote:
| Yep totally. There's a lot to me be said for a steady pay
| check at a decent firm.
|
| I just don't want to wear one of L. Bob Rife's headsets to
| get that. :P
| [deleted]
| hiddencache wrote:
| Seems a little overboard to prevent just 4 cases so far.
| smellsinore wrote:
| ...If the keystrokes stop for 7 minutes. ToT (Time off task)
| pacifika wrote:
| What about the workers' data theft?
| mattparcens wrote:
| Between this, the coming back into the office, to the general
| rumors of Amazon's work culture going back for years, I find it
| hard to imagine a more undesirable place to work.
| tonyedgecombe wrote:
| Even the people in their promotional videos look burnt out:
|
| https://youtu.be/lX1P-gGqNjo
| SN76477 wrote:
| They go to far over and over.
| dylan604 wrote:
| And yet they remain. So is it too far? If it were too far, they
| would get regulation slap on the wrists, or it would be
| impossible to find employees for their positions. So as long as
| the signals of being too far, there's no need for them to
| change behavior. (from their PoV at least)
| leopaacc wrote:
| sounds like a nightmare employer, won't be tempted to apply.
| loosetypes wrote:
| Is there any reason not to assume they don't for software
| engineers as well?
|
| Honest question, I assume this isn't covered by two-party consent
| of recording. Are there any legal frameworks covering employee
| monitoring in the US or on the state level?
|
| Is it different if alerted on violation as opposed to a manager
| browsing their employees activity on a whim?
| darawk wrote:
| I feel like people are getting outraged at the title. This isn't
| a keylogger. It's recording keystroke/mouse patterns to create
| behavioral profiles, not monitor content. It's just to try to
| heuristically detect whether the wrong person is operating an
| account.
| glitchcrab wrote:
| There's more to it than that though. As the article notes,
| Amazon are ruthless when it comes to squeezing every last drop
| out of their workers. Sure, this software is _currently_ going
| to be used to try and reduce imposter attacks, but given their
| reputation I don't think it's unreasonable to see this as
| potentially leading to increased surveillance of their workers
| (which will be marketed as 'helping increase productivity'). I
| would wager that this is why people are getting bent out of
| shape over the article.
| devoutsalsa wrote:
| I assume that my keystrokes are always being monitored on a
| company device. Obviously I'd prefer to not be monitored, but I
| don't really have an expectation of privacy at work on a work
| device.
| 1123581321 wrote:
| Is that warranted by other practices of your employer (locked
| down laptops, etc.?)
|
| We give full admin rights to laptop owners and don't install
| spyware. I would be sad if a coworker acted as if their
| keystrokes were being recorded; thinking that would surely slow
| them down and make them more careful about pursuing all
| promising research paths. So I think it's important for
| companies that don't spy to signal that they don't; the
| opportunity cost outweighs the marginal security benefit.
| benhurmarcel wrote:
| It's very common to have locked down devices. No admin rights
| of course, but also a whole suite of surveillance software
| permanently running (antivirus, local blacklist of websites
| and executables, SSO authenticator...).
| travoc wrote:
| It's standard in the finance industry where risk management
| is the highest priority.
| theamk wrote:
| Does your company has network-based IDS? Or local antivirus/
| endpoint protection? What happens if those detect something?
|
| In a lot of places, in case of severe signal, like computer
| reaching out to know malware C&C servers, the computer is
| taken by IT and investigated - does it really have malware?
| How did it get on PC? Did it propagate?
|
| This sometimes involves digging through browser cache and
| history.
|
| So even if you not recorded all the time, you should be
| prepared that your computer will be taken away from you at
| any moment and browser history examined. Such is the life in
| a big company.
| 1123581321 wrote:
| Yep, the responses are interesting as they all assume a
| certain company size (which makes sense given how many
| faang etc. employees post here.) Eventually a company will
| hire IT that create their own work and aren't mindful of
| the chilling effect monitoring has.
|
| We are much smaller and still larger than the median
| company size in the US: https://www.naics.com/business-
| lists/counts-by-company-size/
| awsthro00945 wrote:
| >thinking that would surely slow them down and make them more
| careful about pursuing all promising research paths.
|
| Huh? I've worked at multiple companies that all do very broad
| device monitoring (it's fairly standard at all large
| companies) and I don't think I've ever heard anyone express
| any concern like this. I've certainly never felt this way
| myself. What "promising research paths" are you talking
| about? Do your google searches at work frequently involve
| porn or something?
| skytreader wrote:
| > Do your google searches at work frequently involve porn
| or something?
|
| If I want to look up example of string operations in C I
| might Google "c strings" or "c strings examples".
| Incidentally, in similar fashion to G-strings, a C-string
| is a type of lingerie.
|
| If I'm doing quick graphics adjustments I don't want to
| bother the art department with I might use the fantastic
| GNU Image Manipulation Program and do a search for "gimp
| tricks" or "gimp tutorials". Incidentally, as anyone who's
| seen "Pulp Fiction" might know, a gimp is a type of BDSM
| gear. Definitely not savory for work.
|
| This is why, much as I'm concerned about personalized
| searches, it's kind of non-negotiable for me that to
| function as a professional software engineer I should be
| logged-in to my Google account. It's the only way I can be
| sure not to get results from, say, Victoria's Secret.
| devoutsalsa wrote:
| If you were a true gimp, at least you wouldn't have to
| suffer open office plans.
| legerdemain wrote:
| If you write in Groovy, you might have to Google "how to
| concatenate two G-strings."
| 908B64B197 wrote:
| Relevant: https://twitter.com/id_aa_carmack/status/497455
| 371372756993?...
| IggleSniggle wrote:
| Where I work, I will frequently attempt to visit sites,
| generally the tech blogs of individuals, that are blocked
| by my company's filters.
|
| I get big scary corporate "You're not allowed to go there!"
| and get the feeling that there's now somehow some black
| marks on my invisible permanent record, because I wanted to
| read something about Zig or something.
|
| I know I'm not going to be fired for something like that.
| What I don't know is if some higher up just looks at some
| roll-up without digging or understanding, the kind of
| scenario that could come up in something like, for example,
| layoffs.
|
| Definitely has a chilling effect for me personally.
| [deleted]
| 1123581321 wrote:
| Well said---exactly this sort of thing.
| ridaj wrote:
| Once a company reaches a certain size and deals with
| sensitive enough data, it's poor risk management practice to
| leave device security entirely up to the individual. Mistakes
| are made, malware-laden software is downloaded, laptops are
| lost in town or borrowed by kids or S.O.'s at home, etc.
| Restricting the user's device permissions is not a judgment
| cast on any individual specifically, it's just a responsible
| way to deal with something that statistically happens sooner
| or later even with perfectly well-intentioned employees.
| koonsolo wrote:
| That's because you probably don't live in western Europe.
|
| Over here, when a company would do that and use it against me,
| I would sue them for privacy breach. Employee rights are very
| well protected in western Europe.
| [deleted]
| h3mb3 wrote:
| In the US, that might be a wise assumption for any _individual_
| to make. However, I think you still should push back on these
| practices as a society. Why should this be legal? What common
| good comes from this?
| nly wrote:
| And internet activity. Even if you put a personal device on
| company WiFi you should assume that the DNS and TLS SNI/IP data
| is being logged and analysed.
|
| Use a VPN, that way if you good off on your phone during the
| day at least they can only see how many bytes you're using and
| when
| dehrmann wrote:
| It's my employer's laptop, so I agree. I do make an exception
| for things benefits-related, as in a medical claim won't
| necessarily make it back to my boss, even if it's done on a
| work computer. I don't think it's strictly true, but I can make
| a case for how HR should shield certain things IT might collect
| from my boss.
|
| In practice, companies only have humans look at IT use if
| there's a security problem or a performance problem.
| 908B64B197 wrote:
| Keystrokes sounds like overkill. It also records passwords in
| plaintext. No good.
|
| Queries to sensitive DB endpoints are what you want to keep an
| eye on.
| mister_tee wrote:
| "One use case provided is that a customer service worker walks
| away from their computer and then a roommate grabs the machine to
| use its internal search tool and see what a celebrity has been
| buying on Amazon. But just four cases have actually been
| identified in which imposters accessed such data. And the result
| for workers of implementing the software is a constant feeling
| that someone is watching over them."
|
| Not to backseat design (ok, to backseat design), but shouldn't it
| be the case that access would already be scoped to accounts
| relevant to active tasks, and not every one of the 300M+ active
| customer accounts, especially without some sort of escalation or
| break-glass? That rationale for this software is likely invented,
| right?
|
| "It'd be one thing if these workers were well paid, but they're
| not."
|
| quick survey -- this would still be put on the "bad ways to treat
| your workers" list, correct?
| BiteCode_dev wrote:
| Right, no need for a keylogger for that, your computer should
| be activated by your badge, which you need to move around.
| jjulius wrote:
| The quote in question mentions a roommate using the computer,
| implying working from home. No need for a badge to move
| around your own residence.
| BiteCode_dev wrote:
| Yeah but similar techniques can be used. Like a yubikey
| with fingerprints to do important things, a bt ring that
| needs to be close to the computer to keep it unlocked, etc.
|
| The idea is that you can solve the problem without having
| to spy in your employees every move, and focus on securing
| important operations.
| lupire wrote:
| If your roommate has your laptop, they probably have your
| yibikey.
| mattlondon wrote:
| Agreed. That sort of data should not just be a few clicks away
| and with only a reliance on honesty and will power to stop
| abuse.
|
| You need to have this sensitive data locked down appropriately
| so that people cannot just unilaterally access it on a whim.
| There should be an audit trail back to some rationale for
| access (e.g. support case) that _enables access_ , and if the
| data is sensitive enough it should use multi-party auth.
|
| Keyloggers are not going to stop someone who is using someone
| else's computer already - they are _WHY_ they are using someone
| else 's computer!
| corobo wrote:
| I still lock my machine whenever I get up and I live alone
|
| This sounds like someone's solving a lack of training with code
| meibo wrote:
| You only write code once, Amazon replaces its entire
| expendable workforce once a year.
| bpodgursky wrote:
| If you think about how phone support works, it would be pretty
| challenging to prevent the support staff from being able to
| access an arbitrary account.
|
| You'd have to set up a system where the phone tech could not
| access the account data unless the customer relayed the right
| name, SSN, or whatever other validation that they were the
| right person (people forget passwords!). But this means you
| need to be able to look up an account by _some_ kind of PII, or
| at least ask the customer to cite some recent purchases (to
| prove ownership)... in which case the tech has to be able to
| see the purchases to validate them!
|
| Anyway, I'm sure there's some path here to make it mostly
| possible, but I don't think it's easy and I'm sure it's a
| higher-friction customer support experience.
| dannyw wrote:
| This is trivial to solve: only initiate phone calls using
| your own backend. get the customer to request an immediate
| call.
|
| Even better, callbacks on demand mean no hold music. Just
| waiting time for the call.
| mister_tee wrote:
| yes, I sort of assumed--maybe incorrectly--that these
| employees/contractors handle chats and calls that were
| initiated from the help center and a logged-in account.
|
| agree with grandparent that incoming cold calls would be
| more challenging in terms of both authenticating the caller
| (some places I've called just seem to match phone number)
| and limiting access to information.
| rajeshmr wrote:
| 1984
| Lio wrote:
| More like YT's mother's job in Snow Crash.
|
| She's monitored doing everything including the time it takes to
| read management emails and going to the toilet.
|
| She puts up with being treated like crap because she thinks the
| job has prestige.
|
| When the book was first published that all sounded hilariously
| preposterous. These days it's almost standard. :(
| streamofdigits wrote:
| Human nature, like nature, abhors a vacuum. Surveillance
| capitalism is expanding exponentially in the new space created by
| digital technology. It is shaping the amorphous silicon with
| software, behaviors and business models that reflect the
| distorted morality and deficient humanity of a narrow clan.
|
| This land grab is only possible in societies with no
| countervailing forces, either in government, judiciary,
| journalism, business world or civic society. Alas the US is very
| nearly such a failed society, as evidenced by its still
| smouldering Trump period. This is disastrous for the Western
| world in general (and Europe in particular) which for decades has
| simply followed the US lead in tech.
|
| Tech is not just another cog in eternal societal struggles.
| Things are coming to a head. The challenges are compounding and
| the sustainability of our entire (eco)system is at risk. Tech
| should be at the forefront of shaping healthy social contracts to
| help us transition to a viable state. It is one of the few levers
| left that have a positive range. Instead it is abusing and
| eroding the most vital ingredient of a healthy society: trust
|
| To paraphrase: Monitor your own keystrokes and combat soul theft.
| Make sure you program the kind of future you want to live in.
| AdrianB1 wrote:
| What is "surveillance capitalism"? I remember in my country
| when we had "socialist" in the country name we used to have a
| huge surveillance system called "state security" (Securitatea
| Statului, in Romanian) and I figure surveillance and capitalism
| can coexist, but they are independent.
| antifa wrote:
| https://en.m.wikipedia.org/wiki/Surveillance_capitalism
| whoknew1122 wrote:
| I work in a customer-facing position within network security at
| AWS. This sounds dystopian and inhumane. But to do their job
| effectively, these employees (much like myself) must have access
| to a lot of critical data that can do a lot of damage
| inappropriately leaked.
|
| This may not be the best solution to protecting data, but it's a
| hard issue to solve.
|
| Stuff like SIM swapping and recent Twitter hacks come from
| insider threats. Consumers want companies to protect them (i.e.
| the consumers) from insider threats. How are companies supposed
| to do that? Monitoring the speed of typing is one not-
| particularly-invasive way to do that.
|
| TL/DR: Don't eat the sausage if you can't stomach how it's made.
| foepys wrote:
| Super illegal in Germany, luckily. It's shocking to me how people
| here accept this as normal.
|
| You shouldn't lose all rights just because someone is paying you
| any amount of money. The company does not own you. You're not a
| soulless resource that can be used and tossed whenever your boss
| pleases.
| grecy wrote:
| > _You 're not a soulless resource that can be used and tossed
| whenever your boss pleases_
|
| Once healthcare is tied to employment, that is exactly what
| people are.
| lotsofpulp wrote:
| In the US, anyone can buy the same health insurance from
| healthcare.gov. However, if you are not self employed, then
| you will have to pay with post tax dollars as opposed to
| pretax dollars.
|
| Employers do pay a portion (usual 50% or more) of the health
| insurance premiums, but these days it is just another form of
| compensation, worth somewhere around $200 to $1,200 per
| family member per month (pretax).
|
| Before ACA, it was true there were cases you simply could not
| get health insurance without an employer, as you could be
| denied for a multitude of reasons.
| loftyal wrote:
| Kind of ironic isn't it, the people against universal
| medicare are the same ones spouting "freedom", but infact
| universal medicare would give them more real individual
| freedom than any other bills sent to the Senate these days.
| concordDance wrote:
| The USA system is particularly broken. Just because
| healthcare is private doesn't mean it needs to be ruinously
| expensive, most other countries manage.
| loftyal wrote:
| Most other countries provide universal health care,
| private health insurance is optional.
| [deleted]
| beckman466 wrote:
| > Once healthcare is tied to employment, that is exactly what
| people are.
|
| Yep, and this marvelous US productivity hack by employers and
| lawmakers (/s) - of making affordable healthcare conditional
| to employment - is unfortunately growing around the world.
| Parallel to this move is the continued commodification of
| most other resources and relationships.
| StreamBright wrote:
| Workers are minor annoyance for amazon. If they could do
| everything with robots they would. This is the tragedy of
| automation and robotics. As soon as it becomes an option there
| will be massive unemployment unless we figure out a better
| model.
| howaboutnope wrote:
| Let's see if people will also shallowly dismiss Stephen
| Hawking saying the exact same thing you just said.
|
| > If machines produce everything we need, the outcome will
| depend on how things are distributed. Everyone can enjoy a
| life of luxurious leisure if the machine-produced wealth is
| shared, or most people can end up miserably poor if the
| machine-owners successfully lobby against wealth
| redistribution. So far, the trend seems to be toward the
| second option, with technology driving ever-increasing
| inequality.
|
| -- Stephen Hawking, https://www.reddit.com/r/science/comments
| /3nyn5i/science_ama...
| treeman79 wrote:
| Farming was 97% of the population at one point. Then
| automation took over.
|
| Rough at the time for sure. But few would wish to go back.
| howaboutnope wrote:
| This isn't about automation separated from the world it
| is used in, this is about automation speeding up
| inequality that isn't just growing, but accelerating --
| and the predictable outcome that those who exploit and
| don't share with people when they still kinda need them,
| will _certainly_ not share once they no longer need them
| for anything whatsoever, and can kill them in vast
| numbers trivially. If it was already occasionally
| possible to get soldiers to do it, how much more so
| owithout pesky humans and their consciences getting in
| the way.
|
| > But few would wish to go back.
|
| What does that even mean? I would love to "go back" and
| deal with things by not just letting the masses starve
| while people in costumes play god and smell their own
| farts, which is exactly what they do today. I would LOVE
| to see see that space exploration and awesome inter-
| species music festivals we might have in 2021 if the last
| few millenia hadn't been such pathetic ass.
| Nextgrid wrote:
| > But few would wish to go back.
|
| Do they?
|
| Back in the day when everything was manual I think you
| could reasonably make a living farming your own land. It
| was hard work but it was possible.
|
| Nowadays everything is so optimized that margins are
| razor-thin and the remaining farmers are being squeezed
| from every side, both from the demand side for their
| produce (supermarket chains driving prices down) and from
| the equipment side (John Deere & co intentionally making
| equipment that's impossible to repair unless you pay them
| exorbitant prices).
| dmos62 wrote:
| Automation is as much of a tragedy as 3/5 people not having
| to work in agriculture or not having to spend hours washing
| your clothes by hand. A job becoming unnecessary should be a
| good thing. If _you_ become unnecessary, something is wrong,
| and not necessarily with you.
| kwhitefoot wrote:
| Probably illegal here in Norway too. If not then I think would
| probably require the assent of the Norwegian Data Protection
| Authority (Datatilsynet).
| WhyNotHugo wrote:
| Well, that's not the American view of things.
|
| It's clear that, in their super-capitalistic view, if they pay
| you a salary they own you for 8 hours a day. Property doesn't
| have rights, so neither do you.
|
| This has been clear for quite some time, but it's reaching
| exaggerated extremes in recent years.
|
| It's worrying how US companies are expanding so intensely into
| the EU as well.
| ok_coo wrote:
| Well, in the USA we are literally called Human Capital Stock.
| So, I would disagree that's the case here.
| garmaine wrote:
| Even when the company owns the computer and it is on company
| time?
| jcelerier wrote:
| Companies are never ever more important than human beings
| garmaine wrote:
| Ok sure, but I was asking a technical question about German
| law, not morality.
| foepys wrote:
| The company cannot even look at the employee's work emails
| unless there are already indications that the employee is
| acting in bad faith ("Anfangsverdacht").
| refurb wrote:
| That doesn't seem true?
|
| _" According to the guidelines, if the use of the Internet
| and email services is only permitted for business purposes,
| the employer can check the Internet use of the employees
| randomly, to make sure that they use it for business
| purposes only."_
|
| https://www.mondaq.com/germany/privacy-
| protection/496710/ger...
| foepys wrote:
| This is false for the general case. The employer always
| needs a reason, e.g. the employee appears to be browsing
| the internet the whole day instead of working. And even
| then, the work council has to be consulted.
|
| The employer can look at work emails if it's the last
| resort (no other means to get the information), they have
| a reason (like if employee is sick and a customer emailed
| them directly with important contract data), a member of
| the work council is present, and it's been cleared by the
| GDPR person (whatever they're called in English).
|
| Labor laws have been shaped by courts so it's quite
| confusing, even to Germans. Rulings are often decided by
| minuscule details that don't appear to be big but often
| are, so generalizing is hard.
| j16sdiz wrote:
| I found this unproductive.
|
| If a customer phone the support directly, are they going
| to hold the phone for hour waiting for approval? Only
| after the approval, the support can start reading the
| work email and decided the next step.
|
| Co worker and manager need to aware of the work progress,
| just in case the employee is sick or something.
|
| Employee should do their private work on their own
| devices.
| foepys wrote:
| The company can easily take measures to prevent
| situations like this by using a proper CRM solution. If
| the company didn't, it's its own fault. Flaws in internal
| processes don't legitimize surveillance.
| pessimizer wrote:
| It's also valuable to co-workers and managers to know if
| the employee might be engaging in behavior that could get
| them sick, or if they are looking for another job. So
| employers should really be able to monitor their
| employee's own devices, health records, and expenditures.
| j16sdiz wrote:
| Does German law allow recording support helpdesk phone
| call?
|
| What make email different from phone call?
| foepys wrote:
| The company can record phonecalls with customers _as long
| as the customers agree_ , which is already being done
| under the disguise of "improving customer service". The
| company cannot record all phone calls an employee makes.
|
| The company can simply require all customer communication
| to go through a proper CRM. This way there is no need to
| look into an employee's personal inbox.
| Broken_Hippo wrote:
| If something is a right, it shouldn't go away while "on
| company time" - even if they own the computer. You are not an
| object.
| chrisco255 wrote:
| It's a huge security risk to add a keylogger. It's also a
| deep invasion of privacy and compromises the ability of
| employees to conduct private one on ones, which are important
| for the mental well-being of a company of people. Imagine
| working from an office with a microphone attached to your
| desk that pipes everything you say to your boss, your boss's
| boss, all the way up the chain. People need to vent.
| Sometimes people need to waste time and shoot the shit about
| things unrelated to work. People need to be able to discuss
| things in private without fear. Otherwise the culture will
| descend into a constant state of paranoia and dysfunction.
| randycupertino wrote:
| It basically devolves the workplace into wargames where the
| employee focus becomes an "us vs them" battle stalemate
| with management re: tracking and obsessing over the KPIs vs
| how to beat the KPIs.
|
| I worked in call center management and saw this play out
| real time. They made clients wear fitbits and hit metrics
| to qualify for the cheaper health insurance plan. Workers
| put the fitbits on drill bits and ran drills to whirl
| around the fitbit to beat the metrics. Then there was a
| mass group chat about how to beat the system. Then peoples
| personal cell phones had to be banned and kept in lockers
| outside the offices. And around and around and on and on it
| went. It was literally like Tom and Jerry and everyone was
| miserable and meanwhile the company wasn't doing well
| because nobody was focused on getting any high quality work
| done because of all the distractions and drama over the
| tracking.
| neolog wrote:
| "Company time" is steering you wrong there. When a worker's
| shift starts she doesn't become chattel property of the
| employer for the duration of her shift. Instead, she's doing
| work that the company paid for while retaining her own
| personhood.
| garmaine wrote:
| My question is about German law. Company time is relevant
| because a contract requires compensation in order to be in
| effect (which you are paid for under company time).
| flimflamm wrote:
| Yes.
| awsthro00945 wrote:
| >You shouldn't lose all rights
|
| I'm not a huge fan of this monitoring, but why be so dramatic?
| You aren't losing any rights here, let alone _all_ rights. You
| do not have a right to use your employer 's computer without
| your employer's permission.
|
| If you want to do something that isn't monitored, just use your
| own computer instead of your employer's computer. You should be
| doing this anyway, keystroke monitoring or not.
| BiteCode_dev wrote:
| The inside of a company is not a bubble isolated from the
| rest of the society and with a different set of laws. Despite
| what billionaires really want it to be.
| awsthro00945 wrote:
| That's correct, which is why the same laws that say you
| can't just take someone else's computer and do whatever you
| want with it apply within a company just the same. On a
| company laptop, you do not have the right to do anything on
| it without permission from the company.
|
| These are the same laws that also allow surveillance
| cameras not only within company properties, but even in
| public.
|
| You do not have the right to privacy when you are not in a
| private space. This applies to company computers just the
| same.
| vidarh wrote:
| This kind of dystopia is thankfully not one that everyone
| lives in.
|
| In Europe you generally have a graded expectation of
| privacy that does not disappear the moment you enter the
| workspace.
|
| We recognise that people have needs that are not met if
| you treat them as automatons.
|
| To your surveillance camera point, I live in the UK which
| is renowned for the number of cameras. If I point a
| surveillance camera at the sidewalk in front of my house,
| I'd break the law.
| BiteCode_dev wrote:
| That's why there are badges that open doors and laptops,
| and permissions linked to accounts.
| jcelerier wrote:
| > You do not have a right to use your employer's computer
| without your employer's permission.
|
| Thankfully not true in sane countries
|
| https://www.google.com/amp/s/www.lci.fr/amp/societe/video-
| en...
|
| In short, you definitely have a right to send e.g. personal
| emails from your work computer and your employer definitely
| does not have the right to go look into them for instance
| crispyambulance wrote:
| > Thankfully not true in sane countries.
|
| I'm not so sure about that. Do large-enough French
| companies supply their own Certificate Authority to all
| company computers (like all large corporations)? If so,
| then they're free to browse/search/store all https
| communications from any company machine, right?
|
| The assumption is that employers and IT departments will
| always "follow the rules", but it's impossible to verify
| something like that. The way corporations would be "caught"
| would be from huge numbers of whistle-blowers but that's a
| risky career move for most IT workers.
|
| The good news is IT departments and individuals generally
| don't care to spy unless there's something really high-
| value at stake and only then towards very specific
| "targets". With few exceptions, the vast majority of
| workplaces tolerate ordinary personal use of corporate
| computer resources.
| s5300 wrote:
| >You're not a soulless resource that can be used and tossed
| whenever your boss pleases.
|
| Hahaha. We Americans have this little term called "Human
| Capital"
| foepys wrote:
| The term "Human Resources" is slowly creeping into German
| corporate speak. Before that it was called
| "Personalverwaltung" (employee management) which I think is a
| way better and more fitting name.
| mdp2021 wrote:
| Sorry, which term(s) in German is(/are) used for "Human
| Resources"?
| foepys wrote:
| Companies use the term "Human Resources", literally.
| Without translation. Ridiculous if you ask me.
| mdp2021 wrote:
| I noticed the intrusion of that terminology in the German
| speaking area from a small thing, a joke from Miguel
| Fernandez:
|
| << _Wo is der Azubi?! Sie meinen der Primary Business
| Solutions Executive Assistant. ...Der is grad kacken._ >>
|
| I think the trend comes from the globalization of
| business and trade, so that when parts meet there is no
| translation of titles but a sort of spontaneous
| international convention. This avoids questions like "So,
| what is exactly your job as /Azubi/?".
|
| (Of course, still tongue-in-cheek, it may remain a
| justified question to ask "What is exactly your job as
| PBSEA".)
| fuzzfactor wrote:
| >Companies use the term "Human Resources", literally.
| Without translation.
|
| Interesting.
|
| When it arose there must not have historically been
| anything similar commonly seen.
|
| Could be all previous German engineering success has been
| best accomplished without anything resembling an
| American-style HR approach.
|
| After all, today's HR designation took root during the
| belt-tightening of the '80's under Ronald Reagan, and as
| we have seen has declined in usefulness from there
| continuously over the decades.
|
| No translation was given back then either, and that was
| in the USA :)
| gorgabal wrote:
| I like that term. Going to try to slip that into
| conversations every now and then. Thanks for the
| inspiration.
| BLKNSLVR wrote:
| You're a good decade behind - for the better. In Australia
| the terminology HCM is working it's way into common
| corporate usage.
|
| Human Capital Management.
|
| Another scale up (down) from where you're moving to.
|
| Next step might be rolling HCM into a function of the
| Finance Department. (moreso).
| TeMPOraL wrote:
| Holy hell. "Human Resources" implied that as an employee,
| you're a resource to be exploited - used up and
| discarded. "Human Capital" implies your employer _owns
| you_.
| skeeter2020 wrote:
| What does "People Management Team" mean? That's what our
| HR has adopted, I think to sound less scary but to me it
| comes across like total social control.
| rvense wrote:
| I got a new co-worker (product manager) who seemed like a
| nice guy, well-spoken, seemed to listen to us techies,
| fun to have lunch with. The only thing that seemed "off"
| about him at first was that he unironically referred to
| people as resources. "We can deploy without a proper
| review for now since the design resource is on holiday".
| Like, there was only one "design resource", he was called
| Andrew and their desks were next to each other! I thought
| it was weird, but I just brushed it off since other than
| that he seemed fine.
|
| At first. After a few months, though, he proved himself
| to be classical politicking a---hole and a horrible bully
| if you got on his bad side. I take that as a lesson to
| trust my instincts more.
| skeeter2020 wrote:
| I think the difference is that at the C-level, executives
| play checkers, where every piece is the same and you can
| allocate "resources" (aka people) as commodities. Below
| that we're playing chess and every person is a distinct
| individual. It's at the transition in either the
| hierarchy or in this case you're co-working trying to
| position himself in the former while working in the
| latter where it gets unpleasant and weird.
| BrandoElFollito wrote:
| Did everyone knew Andrew and what his role was?
|
| Though I must admit that design resource is hardcore :) I
| must try that at the office and look at the reactions.
| siva7 wrote:
| always when i hear someone calls a fellow colleague a
| ressource (in corporate context) or device (in sport
| context) it always proved true that these people were
| manipulative as hell.
| sokoloff wrote:
| What's an example of the device usage?
| siva7 wrote:
| in dance sport calling your partner a sport device ;)
| arethuza wrote:
| I think the R in ERP systems might have contributed to
| this ghastly habit.
| paganel wrote:
| > Human Capital" implies your employer owns you.
|
| Which goes to show how correct Marx was, at least from a
| sociological perspective.
| janto wrote:
| Well, Marx will always appear correct from a Sociological
| perspective. It's at the foundation of that perspective.
| mdp2021 wrote:
| Not really, though you are probably just making jokes.
|
| "Resources" can surely mean "assets" (note that the
| relevant resources are selected...), which is not at all
| diminishing or ghastly, and also honestly means "what is
| available to fulfil a need". Implication of
| <<expoitation>> (or, even farther, "expendability") is
| not necessary, though "being used" is surely there - but
| that is the job itself.
|
| "Capital" implies "investment" - what you invest is the
| principal, "capital", while the additional returns are
| the secondary part -, not necessarily that <<ownership>>
| that implies a loss of freedom: contractually, you allow
| your employer to make your work part of an investment.
| Again, it is the job itself. The capital is what you have
| invested and returns after having brought fruit: again,
| they are assets.
|
| Terms have broad semantics, it is never a good idea to
| interpret with partiality. :)
|
| Edit: I am not denying that some employers may de facto
| as if interpret "resources" and "capital" dishumanly: I
| am stating that the fault is not in the jargon.
| bserge wrote:
| > You're not a soulless resource that can be used and tossed
| whenever your boss pleases.
|
| I am.
|
| Just thinking everything's great doesn't actually change
| reality lol
| unethical_ban wrote:
| You're missing something.
|
| A person can recognize reality while knowing it should be
| different. Recognizing the need for something to be different
| is the first step in it becoming different.
|
| Learn to read the OP's sentence as "A person should not be a
| soulless resource..." - that is often what is meant.
| beebmam wrote:
| You can always work somewhere else. Or start your own
| company. Or even organize, which is a legally protected
| ability in the United States.
|
| Don't accept that bullshit. Especially if you're a software
| engineer and have a million opportunities.
|
| I resigned from a big tech company because I refuse to build
| any weapons, period. I'll always refuse to build them as long
| as I live. I can easily get hired somewhere else.
|
| Have some self respect and demand to be treated with dignity.
| To hell with the bosses' intimidation
| Valakas_ wrote:
| "You can always fight and become a gladiator champion to
| win your freedom."
|
| If the alternatives suck (being poor or a social outcast)
| or are hard (entrepreneurship) or not that different
| (another soulless corporate job), how much freedom is there
| really?
| janto wrote:
| Freedom allows you to find a way to survive on your own
| terms.
| bserge wrote:
| Right. Personally I'd love to build anything, especially
| weapons. And I'd be good at it. Guess many people should be
| thankful I don't heh
| southerntofu wrote:
| To hell with the bosses. Organize with a few
| friends/coworkers and start a workers cooperative, where
| every one is paid the same and has a say in decisions.
|
| However, that requires some savings and some political
| perspective. I understand why someone who just struggles to
| pay their bills every month "thanks to" their corporate
| overlord (i.e. "wage slavery" as that is/was called) would
| not consider it a viable option.
|
| Organize with your fellow workers. Sabotage the company.
| Make your managers' lives miserable, but do it collectively
| ;)
| janto wrote:
| Or create your own company. Sabotaging someone else's
| company and feeling entitled that they should give you
| money for your activity sounds like... theft?
| loceng wrote:
| Sabotage is arguably far worse than theft; would be glad
| to have this kind of unreasonable-malicious individual
| filtering themselves out of my company - and ironically
| they certainly are a supporting point for companies who
| want to monitor and control to catch stated malicious
| behaviour/sabotage; they clearly have resentment and
| won't be as successful themselves as otherwise because
| they're wanting to waste energy, perhaps energy from
| anger - but certainly that of resentment - rather than
| directing it to do better themselves, which doesn't
| include sabotage or wasting energy; that's a violent and
| self-harmful act IMO.
|
| Re: theft - they didn't mention theft in their comment
| (unless they edited it out; why not version control on
| HN?) but the problem I have with theft is that it allows
| thieves to gain resources that they didn't develop to
| earn themselves, that they don't yet deserve - giving
| them power they don't deserve nor have learned how to
| wield adequately.
| janto wrote:
| I got an entitlement vibe from their comment which is why
| I brought up theft.
|
| Indeed yes, sabotage is worse than theft.
| canadianfella wrote:
| Wage slavery? Sabotage the company?
|
| You have a very childish worldview.
| newbamboo wrote:
| All the agonies you suffer You can end with one good
| whack!! Stiffen up, you ornery duffer And dump the bosses
| off your back
| lnxg33k1 wrote:
| You can't accept to work anywhere else, companies need to
| adhere to the needs of the people working, and have
| respect. If we start dodging problems by moving companies
| instead of fighting back, we'll soon have no company where
| we can work which is respectful.
| BrandoElFollito wrote:
| Out of curiosity, does the refusal of designing weapons
| include the ones used by the police forces to protect you?
|
| I have no stake in the question, live in France where guns
| are an exotic thing - just genuinely curious about the
| limits.
| saiya-jin wrote:
| Exactly what makes starting/owning a company in US so great
| and efficient. Exactly what makes being an employee in US
| often such a crapfest for most of ones active life
| GekkePrutser wrote:
| No but the law does, in the EU
| bserge wrote:
| Yeah, you know people just ignore it, right?
| slim wrote:
| I'm sorry for you. But maybe your situation will change in
| the future and you will recover your freedom. Most of us
| chose to fight when necessary and take the risk to lose the
| battle
| na85 wrote:
| >It's shocking to me how people here accept this as normal.
|
| I believe that you are seeing the zeitgeist of the enormous
| proportion of the users here whom are wannabe capitalists with
| a dream of one day being the oppressive CEO abusing their
| workers.
|
| This isn't the best forum if you want to discuss progressive
| social issues like labor rights and modernization thereof.
| awsthro00945 wrote:
| >wannabe capitalists with a dream of one day being the
| oppressive CEO abusing their workers
|
| Alternatively, we're just people that recognize that it's
| absurd to think you have, or even deserve, to use someone
| else's property for whatever you want.
|
| Do you also think it's oppressive that public libraries have
| rules against using their computers for porn?
|
| Nice ad hominem, though.
| foepys wrote:
| > it's absurd to think you have, or even deserve, to use
| someone else's property for whatever you want
|
| How you read this into my comment is beyond me. An employee
| cannot use the company-provided resources in whatever way
| they like. If they do, that's grounds for termination.
|
| German labor laws recognize that total surveillance is not
| aligning with the values of a free society. Life does not
| stop at work, every company event should tell you that.
| Instead there needs to be indications that the employee is
| acting in bad faith, then the employer can "surveil" the
| employee in a limited fashion, like read work emails (not
| private emails) or search their desk. The same as police
| cannot search you whenever they like without reason.
| andylynch wrote:
| It's worth remembering that many Germans still have
| direct experience of living in the surveillance state of
| East Germany, and I would expect know better than most
| how these tools can be used
| hyperman1 wrote:
| This is not only a fact in Germany. Belgium has
| comparable protections. I'd assume the EU has them.
| southerntofu wrote:
| I think the parent poster meant that the memory of a
| surveillance State is alive and well in East Germany
| because it was only two generations ago.
|
| In other countries like France and Belgium, the
| surveillance State has been aimed at specific communities
| and at remote colonies lately, but a generalized state of
| surveillance has not been seen since the 1940s so people
| tend to underestimate the dangers of that based on little
| living memory of how authoritarianism grows.
| xelia wrote:
| Perhaps we should return to feudalism, as it is absurd to
| think you deserve to use a lord's property without putting
| in any labor for them.
|
| To me it's absurd that the system is such that the one's
| doing the most don't get to decide what happens with the
| fruits of their labor, and are under the mercy of whoever
| happens to own that workplace.
| AdrianB1 wrote:
| I guess it is not the discussions about labor rights that are
| downvoted, but politically turning it into "capitalism bad,
| socialism good" when labor rights are not specific to one of
| these options.
|
| It is similar to people pretending morality exists only
| within religion, human rights and labor rights are perfectly
| compatible with capitalism: positive example France, Germany,
| negative example - all the failed socialism attempts in the
| past 100 years, from Soviet Russia or North Korea to
| Venezuela and Cuba.
|
| Note: I see labor rights part of the human rights, not as an
| economic or government system. I definitely consider
| "progressive social issues" a fake term trying to suggest the
| notion that "progressive" is related to real (positive)
| progress, while "progressive" is a term the socialist
| movement in USA hijacked for their benefit, completely
| unrelated to "progress" as in the English language
| dictionary.
| rbjorklin wrote:
| > all the failed socialism attempts in the past 100 years,
| from Soviet Russia or North Korea to Venezuela and Cuba.
|
| As someone from Northern Europe I feel the need to point
| out that socialism != communism. The failed states you
| mentioned above all have/had a communistic rule. My
| impression is that media in the USA portrays these as being
| the same and evil which I don't agree with.
| AdrianB1 wrote:
| (as someone from Eastern Europe) I agree with you, but
| the confusion is so widespread people get the wrong idea
| about it.
| pessimizer wrote:
| > I see labor rights part of the human rights
|
| If you think people implying that advancing issues
| important to powerless people is positive progress is some
| evil socialist deception, it's strange that you've latched
| on to the term "human rights" as if it refers to anything
| that exists or can be enforced.
| AdrianB1 wrote:
| No, I am only saying socialism = progress is false. I am
| pro labor rights and more widely pro human rights, but I
| don't accept socialists hijacking the term "progress" for
| their benefit, they can be openly calling themselves
| socialists.
| [deleted]
| BLKNSLVR wrote:
| Slightly tangentially to your comment, I believe that people
| tend to vote based on the fact they believe they either are,
| or will soon be, part of the one percent.
|
| There's a certain amount of Dunning-Kruger in there as well.
| alias-dev wrote:
| > Slightly tangentially to your comment, I believe that
| people tend to vote based on the fact they believe they
| either are, or will soon be, part of the one percent.
|
| As quoted in A Short History of Progress (2004) by Ronald
| Wright: > John Steinbeck once said that socialism never
| took root in America because the poor see themselves not as
| an exploited proletariat but as temporarily embarrassed
| millionaires. This helps explain why American culture is so
| hostile to the idea of limits, why voters during the last
| energy shortage rejected the sweater-wearing Jimmy Carter
| and elected Ronald Reagan who told them it was still
| "morning in America." Nowhere does the myth of progress
| have more fervent believers.
| edoceo wrote:
| Steinbeck is brilliant. Heres more quotes and links to
| other books.
|
| https://en.m.wikiquote.org/wiki/John_Steinbeck
| southerntofu wrote:
| Socialism/Anarchism has serious roots in the United
| States. See the history of the underground railroad, the
| Industrial Workers of the World (IWW) and actual gun
| battles against the militias of the bosses (Pinkermen),
| workers opposition to the first world war and their
| jailing for anti-war propaganda (anti-war doesn't mean
| anti-revolution, on the contrary), etc..
|
| At some point of course a lot of people are gonna think a
| 0.001% to become a millionnaire and 99.99% chance to stay
| a wage slave all your life is better than great chances
| to be detained, mutilated or assassinated by the police
| or a militia.
| vidarh wrote:
| The irony of how little May 1st means in the US today, is
| that May 1st as the international day of labor
| demonstrations stems in part from the AFL announcing to
| the First International that they planned to pick up
| demonstrations for the 8 hour day again, in part in
| commemoration of the Haymarket Massacre.
|
| So in large parts of the world organised labour annually
| takes part in demonstrations as a direct result of the
| commitment of US unions.
| runarberg wrote:
| Indeed, I think HN has a bug[1] where posts about labor
| rights are implicitly downranked. This can happen even when
| the topic is technologically interesting (such as here) and
| the workers in question are tech workers. I hope we'll fix
| this bug soon, because HN is really the perfect place to
| voice concerns about labor right issues related to tech
| workers.
|
| That said there were some pretty goods discussions
| following the walkout at Blizzard/Activation where this
| implicit downranking didn't happen. I want to see more of
| that.
|
| 1: https://github.com/minimaxir/hacker-news-
| undocumented#implic...
| stickaquarius wrote:
| My employer in Germany (U.S. company with an incorporated
| branch in Germany) recently started using Deep Packet
| Inspection and is decrypting all SSL traffic. While they're not
| logging all keystrokes, they can read everything.
|
| Reading about this topic, it seems this is also not legal,
| especially when limited personal internet usage is allowed as
| well in the contract.
|
| What's the right way to approach this issue? I guess if someone
| brings this up, they'll just update contracts and say that
| personal internet usage is forbidden? It still feels like
| someone is watching you.
| yladiz wrote:
| If you have legal insurance, ask the lawyer to look into it
| and write a letter. This seems very illegal and a single
| letter from a lawyer will scare the company enough to stop
| it.
| BrandoElFollito wrote:
| They probably inspect the traffic for information security.
| Specifically to check if there is no hacking going on
| (suspicious data extraction, c&c calls etc)
| codyswann wrote:
| Here's the thing. It takes one person. Just one. To ruin it for
| everyone.
|
| That's why stuff like this exists.
|
| So assume this happened to Amazon one time and cost them a ton of
| money.
|
| Do they sit back and just hope it never happens again?
|
| Do they somehow selectively choose which employees to monitor?
|
| Don't get me wrong. I would love to live in a world where
| everyone can trust everyone else but that's a fairy tale.
| 0x0nyandesu wrote:
| You gotta assume if someone is an engineer they can do some
| nasty stuff. The idea is there's professional etiquette and
| ethics. It's as easy as encrypting some code, downloading it as
| some image file, and running it through a benign sounding
| script. Keystroke monitoring is more likely to find you
| chatting with your SO than a breach.
| anakaine wrote:
| This is exactly it. Even the best tools today cannot, and do
| not monitor all attack vectors.
|
| If you can't trust someone to be an employee in a position
| where they have access to your systems, they should not be in
| that position.
| quantified wrote:
| That's why your kids have cameras in each of their school
| bathrooms' toilet stalls to catch the ones selling nickel bags.
| Or would if that were legal.
|
| Normalizing the surveillance state is the chilling part. It's
| just that the corporation is state entity, not the government.
|
| To your point, the reason we have bad cops is that we have
| problem people that carjack, rape and the like, so we therefore
| have cops. If people really didn't want bad cops, they wouldn't
| crime.
|
| But I doubt Amazon has lost much money from the looks of it.
|
| Criminal insiders that prey on the customers are a more
| interesting target, but I suspect they are in different
| unmonitored areas.
| saagarjha wrote:
| But this applies to any sort of crime: there are limits to what
| is reasonable surveillance. Of course the legal system is
| different than what a private company does with its employees,
| but I think it's useful to note that there are limits to how
| far we can go to catch these things.
| codyswann wrote:
| I'm all open to hear other ways how Amazon could reliably
| stop employees from stealing data.
| 0x0nyandesu wrote:
| This is impossible no matter how many safe guards you put
| up. Like keeping drugs out of prison.
| shawnz wrote:
| Simply audit the events where data is accessed (they also
| suggest this in the article). What advantage does
| monitoring keystrokes give? This smells more like an
| attempt to detect unproductive workers to me.
| zoomablemind wrote:
| > Simply audit the events where data is accessed....
|
| That would be a sane approach. Indeed, if there's "data"
| to guard, then one just properly secures it and allocates
| access to it. If "theft" happens, then there's access
| log.
|
| If data is ubiquitous that everyone should be able to
| access it, then it's hardly data to "guard". In any case,
| it makes more sense to monitor access to data, not just a
| sea of keystrokes... unless the concern lies with
| something other than the data.
| thrwn_frthr_awy wrote:
| They cannot and monitoring keystrokes won't stop it either.
| _moof wrote:
| I've worked at places where data theft meant a spy was
| violating arms control treaties. You get access to the data
| you need, and every access and egress is logged. A
| keylogger is a frankly ridiculous solution to this problem.
| SergeAx wrote:
| This is what life below the API would feel like. Expectations: ML
| and algos are automating most boring jobs like couriers, drivers,
| cashiers or fulfillment center workers. Reality: ML and algos
| automating jobs of line managers.
___________________________________________________________________
(page generated 2021-08-14 23:02 UTC)