How safe is webcam show using the company's wi-fi network?

[Monet]

I like webcam shows, and use skype or msn to watch, most of the times, nude webcam shows.
was wondering, how safe would that be?
Thanks for your inputs.

Last time, Vancouver Public Library disable my https://perb.cc access and I felt they might have known
what i saw.

 

[Stormrider]

Any good admin can easily find out what sites each user is visiting.

Simple rule of thumb, if you don't want your boss to know what you're doing online, don't do it using the company's internet access.

 

[Webster]

MSN and Skype are not sites.

But you'd think an admin could spot a video stream.

 

[jesuschrist]

Use ssh to tunnel to a proxy, ssh encrypts the communication. They won't be able to see where you're going and what you're seeing, unless they're CSIS level operatives monitoring the network - even then, I doubt they could unscramble it.

The only thing they'll see is you using ssh. That will raise eyebrows if it's not part of your job description. Once you've been flagged, they'll be able to monitor how much bandwidth you're using, which would raise more flags because it'll be substantially more than most office workers use for their jobs. But they'll still never know where you're going or what you're seeing, unless they actually confiscate your computer.

 

[Monet]

great idea jesuschrist, but what is ssh and how do you use it? thanks!

Use ssh to tunnel to a proxy, ssh encrypts the communication. They won't be able to see where you're going and what you're seeing, unless they're CSIS level operatives monitoring the network - even then, I doubt they could unscramble it.

 

[Monet]

good point webster, so would they be able to see what i see on the webcam (e.g., stripping....)?

MSN and Skype are not sites.

But you'd think an admin could spot a video stream.

 

[Robert Upndown]

I agree with Al
My clients take this sort of thing very serious. You have no right to privacy in your workspace or on your computer. At my clients behest, I deploy Behaviour Monitoring, either through software or an appliance, Sniffers, Keystroke Loggers, URL Blocking, Port blocking, Port monitoring, video surveillance and ……. that would catch your proxy or ssh suggestion faster than it took me to type this. It is a serious breach of the Network and Code of Conduct. Not only would you be fired, but you would have a hard time finding work at any job that required you use a computer. Not even praying to Jesus Christ himself could save you. I do not understand why you would even risk it. Is your career worth seeing a naked boobie? If so then you are what you watch, a BOOB.

Bob

 

[jesuschrist]

I agree with Al
My clients take this sort of thing very serious. You have no right to privacy in your workspace or on your computer. At my clients behest, I deploy Behaviour Monitoring, either through software or an appliance, Sniffers, Keystroke Loggers, URL Blocking, Port blocking, Port monitoring, video surveillance and ……. that would catch your proxy or ssh suggestion faster than it took me to type this. It is a serious breach of the Network and Code of Conduct. Not only would you be fired, but you would have a hard time finding work at any job that required you use a computer. Not even praying to Jesus Christ himself could save you. I do not understand why you would even risk it. Is your career worth seeing a naked boobie? If so then you are what you watch, a BOOB.

Bob

Maybe at your work they do, but most networks don't monitor outbound ports, or if they do, they permit the usual ports including the one for ssh and many other low numbered ports as their use is too ubiquitus. On the other hand, you could use a different port, say 80 for the browser, when using ssh to masquerade as that. Even a packet Sniffer would be helpless in that situation, because it could not unscramble the packet to determine the real protocol. But there is nothing that can be done if the bandwidth usage is unusually high, and you don't need all your technology and efforts to determine something as simple as that. If he is just browsing the web, he'd defeat you. If he was streaming video for a short time, he'd defeat you too.

Other than ssh, there is also Tor, which proxies the packets through an anonymous network and unskins them like an onion at each node. Unlike ssh, the proxy nodes constantly change, including the entry and exit nodes. With ssh or Tor, URL blocking, behaviour monitoring, sniffers, port blocking and port monitoring all goes out the window - sorry!

Both technologies would defeat what you use, unless you resort to something physical like you suggest - a video camera surveying the user, or logging their keystrokes. In that case, then you work at a very coercive environment - if even being fired because of unsanctioned behaviour would as you say, "would have a hard time finding work at any job that ... use a computer". So your company would go out of their way to ensure that the employee they dismissed would have trouble finding work again? Think about what kind of company would do that then.

If your company is very interested in controlling where the users go with a browser, a simple thing such as forcing the browsers go through the company proxy would work most of the time. Most companies would rather let the user go wherever they want, and use monitoring of packets, logs, etc., to catch them instead. Far more costly to do it this way and you catch them after the fact, if you do.

I think this "time theft" of one's employer is a thing that has gone too far for some companies. They really ought to use a little bit of common sense. Using a computer for unsanctioned activities is like using a phone for personal calls on company time. Both are not good if done excessively. The reduction in work performance is going to be obvious without the need to monitor what a person is typing or doing on his computer. The network usage rates are going to be obvious that something unusual is going on at their computer. Virus checkers would catch viruses which would help IT staff determine if a user was going somewhere or downloading something they should not have been.

It has been shown time and again, every effort at securing a system is eventually defeated - when you are inside it. Even if you locked everything down, and your company has a web server it houses internally, your users could go out to the internet through that web server, using it as a proxy. And if you didn't have a web server, your user could disconnect from the network and use a rocket stick and surf using the cellular network. And then there are notebooks and smart phones, and next year tablets (that use the cell network). These days, for most companies it's a total waste of time to try to lock it all down - and like I said, even with all that information that it should know about how to get out, if your company still insists on locking it down, then I would question how legitimate the concern is, what the real risks are, and how sensible company heads are.

 

[jesuschrist]

Why would they bother trying to confirm what he's seeing? At my place of employment, if you "compromise" the network - they don't care where you went or what you were looking at. What they care about is that you hacked through the network and opened it for outside intrusion.

They'd want confirm what he's seeing because he might be going to a website that might fall within the rules, or not.
"Compromise" is a term used by ignoramuses and control freaks when no or very little risk is exposed - they feel that going to a web site that is not sanctioned is a compromise of their network.

 

[Robert Upndown]

Maybe at your work they do, but most networks don't monitor outbound ports, or if they do, they permit the usual ports including the one for ssh and many other low numbered ports as their use is too ubiquitus. On the other hand, you could use a different port, say 80 for the browser, when using ssh to masquerade as that. Even a packet Sniffer would be helpless in that situation, because it could not unscramble the packet to determine the real protocol. But there is nothing that can be done if the bandwidth usage is unusually high, and you don't need all your technology and efforts to determine something as simple as that. If he is just browsing the web, he'd defeat you. If he was streaming video for a short time, he'd defeat you too.

Other than ssh, there is also Tor, which proxies the packets through an anonymous network and unskins them like an onion at each node. Unlike ssh, the proxy nodes constantly change, including the entry and exit nodes. With ssh or Tor, URL blocking, behaviour monitoring, sniffers, port blocking and port monitoring all goes out the window - sorry!

Both technologies would defeat what you use, unless you resort to something physical like you suggest - a video camera surveying the user, or logging their keystrokes. In that case, then you work at a very coercive environment - if even being fired because of unsanctioned behaviour would as you say, "would have a hard time finding work at any job that ... use a computer". So your company would go out of their way to ensure that the employee they dismissed would have trouble finding work again? Think about what kind of company would do that then.

If your company is very interested in controlling where the users go with a browser, a simple thing such as forcing the browsers go through the company proxy would work most of the time. Most companies would rather let the user go wherever they want, and use monitoring of packets, logs, etc., to catch them instead. Far more costly to do it this way and you catch them after the fact, if you do.

I think this "time theft" of one's employer is a thing that has gone too far for some companies. They really ought to use a little bit of common sense. Using a computer for unsanctioned activities is like using a phone for personal calls on company time. Both are not good if done excessively. The reduction in work performance is going to be obvious without the need to monitor what a person is typing or doing on his computer. The network usage rates are going to be obvious that something unusual is going on at their computer. Virus checkers would catch viruses which would help IT staff determine if a user was going somewhere or downloading something they should not have been.

It has been shown time and again, every effort at securing a system is eventually defeated - when you are inside it. Even if you locked everything down, and your company has a web server it houses internally, your users could go out to the internet through that web server, using it as a proxy. And if you didn't have a web server, your user could disconnect from the network and use a rocket stick and surf using the cellular network. And then there are notebooks and smart phones, and next year tablets (that use the cell network). These days, for most companies it's a total waste of time to try to lock it all down - and like I said, even with all that information that it should know about how to get out, if your company still insists on locking it down, then I would question how legitimate the concern is, what the real risks are, and how sensible company heads are.

Jesus, some valid points, but we are talking about average users here, not techies. The average user is computer capable, not computer literate. Have you ever worked help desk?? Makes you want to stab yourself in the eye with something sharp!

Let me see, companies that would go to extremes such as loggers, bandwidth monitoring, video ......
Publicly traded companies, BCSC is pretty clear on this.
Security Exchanges, Law firms, Hospitals, government agencies, Forensic companies, Accounting Firms, Charitable organizations, banks to name just a few. And not all of them, but a good percentage.

But two things ignored from the OP's question.
First: The OP asked how safe it was to watch WebCam shows using a company WiFi Network. The answer is NO! It is not safe! Second thing you missed was WiFi. Sorry your arguments become less persuasive, I can sniff WiFi. But again we are talking about avearge users. They do not need to start trying to circumvent workplace security measures. It is just DUMB and not helping!

Bob

 

[oldtimer]

+1 for TOR -> pretty easy to set up for most.

 

[mercyshooter]

Most of the people that think they have the right to ignore the computer policy they have signed in writing that they were aware of and would obey are law students doing their internship.

There is a form letter that is sent to the facility of law that sent them to us and to any company that inquires. It's very short.

The Ministry discovered that xxxxx xxxxx could not be trusted to keep confidential information confidential. We found that s(he) was unwilling to follow established procedures.

You mean faculty of law, right?

 

[mercyshooter]

jesuschrist, some companies do make their dismissed/fired employees' lives miserable. what a world, eh? :crazy:

 

[myselftheother]

Think of this as well....most of this software and hardware and policies are put into place nopt just to keep you from jerking off at your desk, but to also protect against corporate espionage, hackers and the like. If you breach your companies security, then you ought to be canned. It's usually on your employee agreement that you sign when you start work there, and also there is usually a disclosure clause included that may open any employee breaching the conditions that was agreed upon and there may be civil penalties. Wait til you get home, or use your iphone....jeez, you're at work. Have some self control.

 

[Webster]

It also never hurts to know the IT guys and find out what they monitor. My workplace has a very long and ugly agreement to sign, but they actually monitor nothing: it's a waste of their time. However if there are complaints the wording is in place to have you fired if they want. So, for instance, if someone's running a BitTorrent client, they simply do not care. If, however, they get an email saying this IP is the source of this file that we own, stop sharing it, that employee is in big fucking trouble. Similarly getting caught looking at porn is not gonna go well. Don't be dumb.