PDA

View Full Version : Re: Likelihood of IT using a Packet Sniffer



Nomen Nescio
08-12-08, 10:20 AM
"Skywise" <into@oblivion.nothing.com> wrote in message news:hT9ok.191933$IP7.144304@newsfe16.ams2...
> Nomen Nescio <nobody@dizum.com> wrote in
> news:c5840971fa5daccf082f936dcafde283@dizum.com:
>
>> If he is really worried, tell him to use a suscription
>> VPN service. A GOOD one will cost around $40 per month,
>> for a high speed one. The connection will be encrypted,
>> and packet sniffers will be USELESS against his encrypted
>> connection.
>
> And what do you expect the admins are going to do when
> they see encrypted traffic going through their servers,
> traffic that is not expected? They may not see WHAT is
> being sent/received, but they are still going to know
> WHO. That alone may be enough grounds for termination.
> In the extreme it could lead to a criminal investigation
> to see if any company secrets were divulged.


Hoever, there is no POSSIBLE way that a subpoena could
be served on a company that is in Cyprus. As long as the
USA server was not being used, there is no way they that
BananaVPN would EVER have to comply with ANY court order
from a U.S. court

> BananaVPN may not be subject to any but those laws, but
> the person using the service still resides in another
> country (USA, or China) and is still subject to THEIR
> laws. Again, 'they' may not know WHAT is being sent, but
> they will know WHO.

And being able to use Skype, in countries where it is
blocked, is a selling poing that BananaVPN uses. They
ENCOURAGE people that want to use Skype from places, such
as Middle Eastern countries, where it is blocked, to use
their service to circumvent blocking up Skype.

The ONLY reason, I think, they have a U.S. server, is so
that people who want to use services, such as the Pandora
music service, that are restricted to U.S. IPs can be
able to tune in, as well as watching online streaming of
shows from CBS, NBC, ABC, etc. that are restricted to U.S.
IP addresses, and they make it a selling point for
subscriptions to their U.S. servers. And circumventing
geographic restrictions is not currently against U.S.
laws, though there are rumors floating about that Congress
may introduce a law, during the 111th Congress, to make
such circumvention illegal.

And some even have their own proprietary client software,
to make it more secure. One service I had, PrivacyView,
is good, but the speed is only 312K, when I checked it on
a broadband speed test site. BananaVPN is much faster.

One of their selling points, which appears to ecourage
people to use it from work is "Your office/school will
not know you are using it". Then again, encouraging this
is LEGAL under Cypriot law, so any company whose
employees use CANNOT hold BananaVPN liable for the actions
of their users, under Cypriot law.

Skywise
08-12-08, 05:40 PM
Nomen Nescio <nobody@dizum.com> wrote in
news:38071c0b2f875726b9660beeb22862c2@dizum.com:

> Hoever, there is no POSSIBLE way that a subpoena could
> be served on a company that is in Cyprus. As long as the
> USA server was not being used, there is no way they that
> BananaVPN would EVER have to comply with ANY court order
> from a U.S. court

But if you are in the US, then the US court CAN subpoena
YOU.



> One of their selling points, which appears to ecourage
> people to use it from work is "Your office/school will
> not know you are using it". Then again, encouraging this
> is LEGAL under Cypriot law, so any company whose
> employees use CANNOT hold BananaVPN liable for the actions
> of their users, under Cypriot law.

But the employers can still hold the employee accountable
for their actions.

I'm not arguing that BananaVPN themselves may be immune
to legal action. What I am arguing is that those using
the service are still subject to the laws of the country
they are in and the rules of the company that employs
them.

It makes no difference to the employer if the employee
is surfing the net openly or squeeking through the system
using a service like BananaVPN. If they are caught, they
can be disciplined.

In fact, I think it more likely the employee would be fired
if they were caught using an encrypted service to tunnel
through the network as it shows a brazen disregard for the
security of the company network and employee rules, and may
beg the question of what proprietary company data may have
been illegally transferred. Companies take corporate
espionage seriously.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?