Re: [SLE] stealth VNC connection
Dear all, A lot of people from this forum come from countries economically more advanced than ours. It is true. I hope that in the same time this advance provides happiness, culture and wisdom for not judging other people ... at least not upon our "history or apparently our lax privacy laws". I also don't understand why do you think that "it's repugnant to most people who are in the free software arena to help people, colleagues and friends who post from countries like Romania" ... Why, Mr.Andersen? Anyway, If you believe or not, my request has an legitimate, but also private, reason. I'm working for a passenger road transport company from Romania, well known nationally and abroad for the accuracy of the business. If anyone is truly interested I will tell the name of the company... for proving our honesty. We have agencies (our agencies) around our country and we connect the computers (our computers) to the main server through an ssh connection. We use this kind of connection for data booking exchange but also for remote control, self maintenance and for evaluating our employees job - because of the distance between agencies. This is who we are ... several Romanian guys who try to do their jobs ... Mr.Andersen, maybe you think so but we do not have time for spying our computers or telling other people in forums what it's right or wrong. We have a lot to do for proving that the differences between our countries it's just a matter a time and place. We, the people, are the same. If you cry, I will cry ... if you bleed, I will bleed ... Mr.Andersen, believe me, we are the same ... And don't argue with the peoples who defend us ... It's a waste of time. It's nothing of argue for ... In the same time, Mr.Schneider ask for a reason ... hmmm, nobody really wait for our answer ... maybe nobody was interested in our answer. This is it ... quite simple. But before finishing, I have to thank you "Radule Soskic" for friendship. See ... you still have a beautiful and great "historical" country ... This is my last input in this thread! Sorry for bandwidth waste ... -- ing. Adrian Costescu PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE4506831
On Thursday 12 February 2004 16:00, Adrian Costescu wrote:
Dear all,
A lot of people from this forum come from countries economically more advanced than ours.
It is true.
this is irrelevant
I hope that in the same time this advance provides happiness, culture and wisdom for not judging other people ... at least not upon our "history or apparently our lax privacy laws".
this is irrelevant
I also don't understand why do you think that "it's repugnant to most people who are in the free software arena to help people, colleagues and friends who post from countries like Romania" ... Why, Mr.Andersen?
this is missing the point, and not what he said. You left out an important part of his statement, which alters the meaning.
Anyway, If you believe or not, my request has an legitimate, but also private, reason.
this is relevant
I'm working for a passenger road transport company from Romania, well known nationally and abroad for the accuracy of the business. If anyone is truly interested I will tell the name of the company... for proving our honesty.
this is irrelevant
We have agencies (our agencies) around our country and we connect the computers (our computers) to the main server through an ssh connection. We use this kind of connection for data booking exchange but also for remote control, self maintenance and for evaluating our employees job - because of the distance between agencies.
this is relevant. Why do you need a stealth connection for that. - data booking exchange does not need a stealth connection - remote control does not need a stealth connection - self maintenance does not need a stealth connection - evaluating our employees job - oops - yeah, that seems to be it. Well. there is nothing wrong with "evaluating our employees job", but in most civilized countries the privacy laws require that this is NOT done by a stealth connection. These privacy laws did not come easy, there was and is a hard fight for them, all over the globe. I applaud Anders for helping many of us on the list so many times. I applaud him even more for not helping to do a stealth connection without a legitimate reason!
This is who we are ... several Romanian guys who try to do their jobs ...
Mr.Andersen, maybe you think so but we do not have time for spying our computers
well well, many people think that trying to do "evaluating our employees job" using a "stealth VNC connection" is spying ... I have been involved in job evaluations a lot, and anything "stealth" is here a big "no way".
or telling other people in forums what it's right or wrong. We have a lot to do for proving that the differences between our countries it's just a matter a time and place. We, the people, are the same. If you cry, I will cry ... if you bleed, I will bleed ... Mr.Andersen, believe me, we are the same ...
yes, that's it, we ALL have the right for privacy protection, and for job evaluations without using stealth methods. This includes your country, my country, and even all the countries where nobody has heard about privacy laws yet. Let's tell them about it!
[snip]
So, Adrian, back to the point, is there a legitimate reason for a stealth VNC connection? So far you did not provide one. And that's all Anders and others asked for. Regards to Romania Matt
I did not follow all of this thread. But i saw some pretty ridiculous comments that have no place in this forum. I know, everyone is entitled to their own wrong opinion, however the line should be drawn when one justifies anything using comments like: "Can't you see where he is from?" "Don't you know what his kind really are?" "Don't you know their history"? "I am a history expert, I ....watch tv (!!!!!!) and read... magazines (!!!!)" This sort of profiling actually only profiles the profiler. But it also belittles the forum and the remaining 99.99...9% of the members. This is a wonderful international forum. Let's keep it that way. Btw, if Linux does provide VNC capability, it should also provide VNC DETECTION capability. Any help there? Please respond by starting another thread, this is too OT. thanx! Dimitris On Friday 13 February 2004 03:40, Matt T. wrote:
On Thursday 12 February 2004 16:00, Adrian Costescu wrote:
Dear all,
A lot of people from this forum come from countries economically more advanced than ours.
It is true.
this is irrelevant
I hope that in the same time this advance provides happiness, culture and wisdom for not judging other people ... at least not upon our "history or apparently our lax privacy laws".
this is irrelevant
I also don't understand why do you think that "it's repugnant to most people who are in the free software arena to help people, colleagues and friends who post from countries like Romania" ... Why, Mr.Andersen?
this is missing the point, and not what he said. You left out an important part of his statement, which alters the meaning.
Anyway, If you believe or not, my request has an legitimate, but also private, reason.
this is relevant
I'm working for a passenger road transport company from Romania, well known nationally and abroad for the accuracy of the business. If anyone is truly interested I will tell the name of the company... for proving our honesty.
this is irrelevant
We have agencies (our agencies) around our country and we connect the computers (our computers) to the main server through an ssh connection. We use this kind of connection for data booking exchange but also for remote control, self maintenance and for evaluating our employees job - because of the distance between agencies.
this is relevant. Why do you need a stealth connection for that.
- data booking exchange does not need a stealth connection - remote control does not need a stealth connection - self maintenance does not need a stealth connection - evaluating our employees job - oops - yeah, that seems to be it. Well. there is nothing wrong with "evaluating our employees job", but in most civilized countries the privacy laws require that this is NOT done by a stealth connection.
These privacy laws did not come easy, there was and is a hard fight for them, all over the globe.
I applaud Anders for helping many of us on the list so many times.
I applaud him even more for not helping to do a stealth connection without a legitimate reason!
This is who we are ... several Romanian guys who try to do their jobs ...
Mr.Andersen, maybe you think so but we do not have time for spying our computers
well well, many people think that trying to do "evaluating our employees job" using a "stealth VNC connection" is spying ... I have been involved in job evaluations a lot, and anything "stealth" is here a big "no way".
or telling other people in forums what it's right or wrong. We have a lot to do for proving that the differences between our countries it's just a matter a time and place. We, the people, are the same. If you cry, I will cry ... if you bleed, I will bleed ... Mr.Andersen, believe me, we are the same ...
yes, that's it, we ALL have the right for privacy protection, and for job evaluations without using stealth methods. This includes your country, my country, and even all the countries where nobody has heard about privacy laws yet. Let's tell them about it!
[snip]
So, Adrian, back to the point, is there a legitimate reason for a stealth VNC connection? So far you did not provide one. And that's all Anders and others asked for.
Regards to Romania Matt
The Friday 2004-02-13 at 21:36 -1000, plain wrote:
Btw, if Linux does provide VNC capability, it should also provide VNC DETECTION capability.
Any thing that tracks connections; for example, iptraf. Unforutnately, they need root priviledges. Then I suppose the connection has to be enabled for the user configuration, so the user should be able to explitly dissable it in his config files. -- Cheers, Carlos Robinson
The Thursday 2004-02-12 at 11:00 +0200, Adrian Costescu wrote:
We have agencies (our agencies) around our country and we connect the computers (our computers) to the main server through an ssh connection. We use this kind of connection for data booking exchange but also for remote control, self maintenance and for evaluating our employees job - because of the distance between agencies.
The "evaluating our employees job" using a stealh connection would be illegal in many countries (at least without a court order). I don't think you have a legitimate reason to do that, sorry. -- Cheers, Carlos Robinson
[Many other posts] Carlos E. R. wrote:
The Thursday 2004-02-12 at 11:00 +0200, Adrian Costescu wrote:
We have agencies (our agencies) around our country and we connect the computers (our computers) to the main server through an ssh connection. We use this kind of connection for data booking exchange but also for remote control, self maintenance and for evaluating our employees job - because of the distance between agencies.
The "evaluating our employees job" using a stealth connection would be illegal in many countries (at least without a court order). I don't think you have a legitimate reason to do that, sorry.
This is irrelevant Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not. It is the job of the authorities in that country to enforce their own rules, and asides just because something is illegal in the USA and Spain (sorry Carlos) does not mean that it is illegal in Romania. The basic question I do not think has yet been answered and I think with all the 'fluff' on it being illegal to help someone has departed from the subject. If you feel you can help the poster, then do so. If you are against offering help for whatever reason then there is always the delete key or email filters. I personally would help the Romanian as it shows the true spirit of open source if I knew how. As I do not, I am hoping that someone else will and therefore help me learn something as they would be helping the Romanian learn as well. Lighten up everybody. This is a list that provides help not that acts as the judge ,jury and executioner. -- The Little Helper ======================================================================== Hylton Conacher - Licenced ex-Windows user (apart from Quicken) Registered Linux user # 229959 at http://counter.li.org Currently using SuSE 9.0 Professional with KDE 3.1 ========================================================================
Hi Try looking into tridia-vnc (http://www.tridiavnc.com) At least with Windows they have the option to hide the icon... Jaska.
I personally would help the Romanian as it shows the true spirit of open source if I knew how. As I do not, I am hoping that someone else will and therefore help me learn something as they would be helping the Romanian learn as well.
Lighten up everybody. This is a list that provides help not that acts as the judge ,jury and executioner.
-- The Little Helper ======================================================================== Hylton Conacher - Licenced ex-Windows user (apart from Quicken) Registered Linux user # 229959 at http://counter.li.org Currently using SuSE 9.0 Professional with KDE 3.1 ========================================================================
On Friday 13 February 2004 22:51, Hylton Conacher (ZR1HPC) wrote:
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not. I
As far as I can tell, no executions took place. As far as I can tell, both sides of the issue SHOULD be pointed out and HAVE been pointed out, and nobody in this list has been PREVENTED from offering help. I'm rather impressed that the VAST majority of this list has chosen NOT to offer help, but that's just MY opinion. But now, let't take YOUR position, which seems to be that regardless of the intended use, help should be offered in the spirit of cooperation for any question asked by anyone who knows the answer, with no regard for what the requester intended to do. Tell me Mr Hylton Conacher: How would one go about flying an airplane full of people into a building full of people? Ok, perhaps that's over the top. But I'm sure you get my drift. -- _____________________________________ John Andersen
On Saturday 14 February 2004 21:16 pm, John Andersen wrote:
<SNIP>
But now, let't take YOUR position, which seems to be that regardless of the intended use, help should be offered in the spirit of cooperation for any question asked by anyone who knows the answer, with no regard for what the requester intended to do.
<SNIP>
Ok, perhaps that's over the top.
I think so, but your point is valid.
But I'm sure you get my drift.
There is also the consideration that simply providing the sort of assistance we do here could (in the extreme, possibly) result in someone being considered an accomplice, or conspirator. Dylan -- "They that can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." -Benjamin Franklin
John Andersen wrote:
On Friday 13 February 2004 22:51, Hylton Conacher (ZR1HPC) wrote:
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not. I
As far as I can tell, no executions took place. Yet :)
As far as I can tell, both sides of the issue SHOULD be pointed out and HAVE been pointed out, and nobody in this list has been PREVENTED from offering help. No, everyone just decided to tell everyone else that the topic was not to be discussed as the guy was from Romania.
I'm rather impressed that the VAST majority of this list has chosen NOT to offer help, but that's just MY opinion. I fully agree, however it is a pity as one day one of the other condemners might need to do a similar task legitimately. God help him if he asks the question here as opposed to be told we would not answer it and that it should rather be asked on a hacking list.
I would like to ask the original Romanian poster if he ever found a solution and if so to please contact me off list.
But now, let't take YOUR position, which seems to be that regardless of the intended use, help should be offered in the spirit of cooperation for any question asked by anyone who knows the answer, with no regard for what the requester intended to do.
Tell me Mr Hylton Conacher: How would one go about flying an airplane full of people into a building full of people? Mr John Andersen, I believe this type of question is not relevant as a topic within this list and therefore I cannot answer it. Please feel free to pose the question on another list catering for what you want to do.
Ok, perhaps that's over the top. But I'm sure you get my drift. Yes it is a LITTLE over the top! Note my response to your query however.
This thread and topic is considered CLOSED by this poster. -- The Little Helper ======================================================================== Hylton Conacher - Licenced ex-Windows user (apart from Quicken) Registered Linux user # 229959 at http://counter.li.org Currently using SuSE 9.0 Professional with KDE 3.1 ========================================================================
The Sunday 2004-02-15 at 17:08 +0200, Hylton Conacher (ZR1HPC) wrote:
No, everyone just decided to tell everyone else that the topic was not to be discussed as the guy was from Romania.
Don't generalize: I, for one, did not. -- Cheers, Carlos Robinson
On Sat, 2004-02-14 at 09:51 +0200, Hylton Conacher (ZR1HPC) wrote:
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not.
Of course we are. Offer me a job. I need one, I really do. If you pay me, you can tell me what to do and reasonably expect me to do it. But as long as this list is a freebie, it's on an "if I feel like it" basis. Usually I feel like it, this time I don't. I'm glad to see so many people agree with me. Employers have a right to know what their employees do, but not covertly
Anders Johansson wrote:
On Sat, 2004-02-14 at 09:51 +0200, Hylton Conacher (ZR1HPC) wrote:
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not.
Of course we are. No we are not! If we do not like the post we do not reply, or give reasons why we shouldn't help.
Offer me a job. I need one, I really do.
If you pay me, you can tell me what to do and reasonably expect me to do it. But as long as this list is a freebie, it's on an "if I feel like it" basis. Usually I feel like it, this time I don't. I'm glad to see so many people agree with me. And that is your personal opinion and you are entitled to it however as opposed to just switching off the radio when it broadcast something you disliked, you decided to give reasons why should have to turn the radio off to the poor Romanian.
If the post had originally been ignored for what it was, the amount of wasted bandwidth would have been considerably less.
Employers have a right to know what their employees do, but not covertly Oh yes they do, provided of course the employees are told that they will be monitored at various times. That way they can be 'spied' on at any time and not know if Big Brother is watching and their civil liberties are not trampled. As an example, assume Employee A plays games on his office PC but tells no one. If he could see that he was being watched he would no doubt be working and not playing games, however he can't see Big Brother covertly watching him, as they said they might be when he was employed, and so he wastes company resources.
-- The Little Helper ======================================================================== Hylton Conacher - Licenced ex-Windows user (apart from Quicken) Registered Linux user # 229959 at http://counter.li.org Currently using SuSE 9.0 Professional with KDE 3.1 ========================================================================
"Hylton Conacher"
Employers have a right to know what their employees do, but not covertly Oh yes they do, provided of course the employees are told that they will be monitored at various times.
Depends on the country you live in :) Here in Germany its against the law to spy in on employees without their agreement. There are only a few exceptions and for them the employer must have strong evidence and the workers council (Betriebsrat) must agree. Without evidence that an employee has actually done anything monitoring is strictly forbidden. Philipp
söndag 15 februari 2004 21:04 skrev Philipp Thomas:
Depends on the country you live in :) Here in Germany its against the law to spy in on employees without their agreement. There are only a few exceptions and for them the employer must have strong evidence and the workers council (Betriebsrat) must agree.
Without evidence that an employee has actually done anything monitoring is strictly forbidden.
Yes, I guess there are amble evidence for the occurring echolon ...
söndag 15 februari 2004 11:53 skrev Hylton Conacher (ZR1HPC):
If the post had originally been ignored for what it was, the amount of wasted bandwidth would have been considerably less.
The post *was* originally ignored. It's not the "original" post, that was answered... fyi.
"Hylton Conacher"
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not.
There is no uniform "we SLE users" group! It's made up of individuals with a common interest in Linux.
The basic question I do not think has yet been answered and I think with all the 'fluff' on it being illegal to help someone has departed from the subject.
Whether something is illegal or not is IMO rather irrelevant for this discussion. It's much more a question of ethics, at least for me. That's why *I* would neither help someone controlling the contents of E-Mail (besides SPAM and Virus) nor setting up a stealth VNS connection. And I will applaud people like Anders for doing the same. Technical people tend to focus on the technical side alone and neglect the ethical side, so it's good to see that there are people that care and do so publicly. Philipp
The Saturday 2004-02-14 at 23:22 +0100, Philipp Thomas wrote:
Technical people tend to focus on the technical side alone and neglect the ethical side, so it's good to see that there are people that care and do so publicly.
Tank you, Philipp, I couldn't say it better. -- Cheers, Carlos Robinson
On Sat, 2004-02-14 at 02:51, Hylton Conacher (ZR1HPC) wrote:
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not. It is the job of the authorities in that country to enforce their own rules, and asides just because something is illegal in the USA and Spain (sorry Carlos) does not mean that it is illegal in Romania.
The basic question I do not think has yet been answered and I think with all the 'fluff' on it being illegal to help someone has departed from the subject.
If you feel you can help the poster, then do so. If you are against offering help for whatever reason then there is always the delete key or email filters.
I personally would help the Romanian as it shows the true spirit of open source if I knew how. As I do not, I am hoping that someone else will and therefore help me learn something as they would be helping the Romanian learn as well.
Lighten up everybody. This is a list that provides help not that acts as the judge ,jury and executioner.
I think you have missed the point that several others have tried to
express. While this is a user supported help list there are certain
topics that, as another poster correctly pointed out, are unethical.
If a user asks a direct question on how to hack a system they should
simply be told that such information will not be provided in this forum
since this is not a hackers forum.
In this case if the company wishes to monitor their users they can.
There should be no need to do this covertly. Even here in the U.S. a
company may monitor anything a user does on company systems or on
company networks. Some companies do this some don't. In most cases the
company will have published policy stating that they may be doing this.
For many companies it is standard practice to include a MOTD or message
when ones logs into a system stating that the system is for company use
only and that the user may be monitored. I personally assume that
anything done on company time and equipment is subject to being
monitored.
As such there is no need to do such monitoring covertly. If it is
company policy then having the vnc icon present is a requirement for
working there. The question that started this was asking for a hacking
tool which could be loaded covertly and as such, IMHO, should not be
answered on this list. This should get the same response as some one
asking for buffer overflow code that permits one to gain root access to
a remote system. A polite no.
--
Scot L. Harris
On Saturday 14 February 2004 07:38 pm, Scot L. Harris wrote:
On Sat, 2004-02-14 at 02:51, Hylton Conacher (ZR1HPC) wrote:
Regardless of whether it is illegal or not to evaluate the employees via a stealth connection, we the SLE users are not the judge, jury and executioner in being able to decide whether the Romanian should be offered help or not. It is the job of the authorities in that country to enforce their own rules, and asides just because something is illegal in the USA and Spain (sorry Carlos) does not mean that it is illegal in Romania.
The basic question I do not think has yet been answered and I think with all the 'fluff' on it being illegal to help someone has departed from the subject.
If you feel you can help the poster, then do so. If you are against offering help for whatever reason then there is always the delete key or email filters.
I personally would help the Romanian as it shows the true spirit of open source if I knew how. As I do not, I am hoping that someone else will and therefore help me learn something as they would be helping the Romanian learn as well.
Lighten up everybody. This is a list that provides help not that acts as the judge ,jury and executioner.
I think you have missed the point that several others have tried to express. While this is a user supported help list there are certain topics that, as another poster correctly pointed out, are unethical.
If a user asks a direct question on how to hack a system they should simply be told that such information will not be provided in this forum since this is not a hackers forum.
In this case if the company wishes to monitor their users they can. There should be no need to do this covertly. Even here in the U.S. a company may monitor anything a user does on company systems or on company networks. Some companies do this some don't. In most cases the company will have published policy stating that they may be doing this. For many companies it is standard practice to include a MOTD or message when ones logs into a system stating that the system is for company use only and that the user may be monitored. I personally assume that anything done on company time and equipment is subject to being monitored.
As such there is no need to do such monitoring covertly. If it is company policy then having the vnc icon present is a requirement for working there. The question that started this was asking for a hacking tool which could be loaded covertly and as such, IMHO, should not be answered on this list. This should get the same response as some one asking for buffer overflow code that permits one to gain root access to a remote system. A polite no.
Given that buffer overflowing permits root access why not change the kernel to give administrator access or something less than root when buffers overflow? Thanks, Jerome
Folks, if you do not like the original request - then pass on by... no need for a 'flame war' - it accomplishes nothing... each to his own flavour of 'freedom'... relax... On Sat, 2004-02-14 at 02:27, Carlos E. R. wrote:
The Thursday 2004-02-12 at 11:00 +0200, Adrian Costescu wrote:
We have agencies (our agencies) around our country and we connect the computers (our computers) to the main server through an ssh connection. We use this kind of connection for data booking exchange but also for remote control, self maintenance and for evaluating our employees job - because of the distance between agencies.
The "evaluating our employees job" using a stealh connection would be illegal in many countries (at least without a court order). I don't think you have a legitimate reason to do that, sorry.
-- Cheers, Carlos Robinson -- Best regards,
Des Aubery... ============================================================> adTherm Technology --> _///^\\\_ Home of Virtual --> --> _///^\\\_ Thermal Engineering... --> Contact: --> _///^\\\_ o Automotive Heat- --> www.adtherm.com --> _///^\\\_ Transfer Devices --> info@adtherm.com --> _///^\\\_ o Virtual Radiator --> Ph : +66 42 614967 --> _///^\\\_ o CFD --> Fax: +66 42 614967 --> _///^\\\_ o FEA --> Mob: +66 6 8553801 --> _///^\\\_ o Brazing & Furnace --> --> _///^\\\_ o Consultants --> Des Aubery --> _///^\\\_ o Nocolok, CuproBraze --> ============================================================>
The Saturday 2004-02-14 at 18:50 +0700, Des Aubery wrote:
Folks, if you do not like the original request - then pass on by... no need for a 'flame war' - it accomplishes nothing... each to his own flavour of 'freedom'... relax...
I think it is fair to explain why we don't answer, if we do it politely. There is no need to get nasty about it, or in flames, I agree. -- Cheers, Carlos Robinson
participants (14)
-
Adrian Costescu -
Anders Johansson -
Carlos E. R. -
Des Aubery -
Dylan -
Hylton Conacher (ZR1HPC) -
jaska -
Jerome Lyles -
John Andersen -
Matt T. -
Philipp Thomas -
plain -
Scot L. Harris -
Örn Hansen