average_jo Posted July 17, 2012 Share Posted July 17, 2012 say you are not a network security analyst but a systems admin. and the CEO wants you to check out the emails of an employee. would you do it? Hi Sir, I think when it comes to this request, you are covered by whatever IT policy that the company employs. If it doesnt suit any of those policy, you have the right to explain to your superior that this request may violate privacy issues in the company. Cheers Quote Link to comment
simplyeric Posted July 30, 2012 Share Posted July 30, 2012 Hi Sir, I think when it comes to this request, you are covered by whatever IT policy that the company employs. If it doesnt suit any of those policy, you have the right to explain to your superior that this request may violate privacy issues in the company. Cheers true, ask for your privacy policy. kasi there are some na merong right to read everything in the computer. example siguro ay sa CIA or sa Pentagon sa US. but i think even they have no right to access all personal email,pwera lang kung pinagsususpetya. when in doubt, ask someone from your company that knows more. Quote Link to comment
evilson Posted August 8, 2012 Share Posted August 8, 2012 would you hack into somebody else's computer if your boss tells you? well dati i was asssign with this job and also naireason ko rin regarding privacy but there was one supervisor (one of the boss relative) who said to me na "At bakit me ganung rason, e computer ng company yan, binili namin yan sa kanila para gamitin sa trabaho, hindi sa pangsarili nilang interes" but looking back and thinking about this, it looks to me na tama sya Quote Link to comment
simplyeric Posted August 9, 2012 Share Posted August 9, 2012 that is true pero dapat yung reason for breaking into the computer is business related and well informed ang more than one concerned person (IT head for example) even they cannot deny na they also use it for personal stuff. Quote Link to comment
JayZip Posted August 9, 2012 Share Posted August 9, 2012 (edited) i think the point im driving at here is not if we use company computers for personal use or if the company has rules and regulations about it but if your superior orders you to do it period. in my case my boss wanted me to hack into someones email because they wanted to prove that that employee was leaking stuff to competitors.my boss admitted that we were breaking "rules" but it was "necessary" to get the info we need.But since we broke the rules although necessary eh is it still "ethical" hacking? Edited August 9, 2012 by JayZip Quote Link to comment
simplyeric Posted August 9, 2012 Share Posted August 9, 2012 a, kung yun yung purpose, as i have said company related, then pwede. yun lang, kung non IT ang position sa company, at sa iyo ipinagawa,even though you know you can do it, medyo kaduda duda.better refer to the people who have the legal rights to do it... basta hinay hinay at mahirap maging escape goat. Quote Link to comment
dude07 Posted August 10, 2012 Share Posted August 10, 2012 say you are not a network security analyst but a systems admin. and the CEO wants you to check out the emails of an employee. would you do it?unless that employee or the employees on that company has an email ad which are being given to them for official use then yes .. but if it is/was a personal email address of the employee say yahoo address or alike.. then thats a different storyy.. Quote Link to comment
JayZip Posted August 10, 2012 Share Posted August 10, 2012 unless that employee or the employees on that company has an email ad which are being given to them for official use then yes .. but if it is/was a personal email address of the employee say yahoo address or alike.. then thats a different storyy.. and if he was using that personal email to send out "company info" to say competitors what would you do? Quote Link to comment
JayZip Posted August 10, 2012 Share Posted August 10, 2012 a, kung yun yung purpose, as i have said company related, then pwede. yun lang, kung non IT ang position sa company, at sa iyo ipinagawa,even though you know you can do it, medyo kaduda duda.better refer to the people who have the legal rights to do it... basta hinay hinay at mahirap maging escape goat. when you said pwede eh did you mean na it is still "ethical hacking?" and when you said non IT position does that include the CEO or someone in the executive level? 1 Quote Link to comment
simplyeric Posted August 13, 2012 Share Posted August 13, 2012 when you said pwede eh did you mean na it is still "ethical hacking?" and when you said non IT position does that include the CEO or someone in the executive level? i had to read all the post again kasi parang nauulit yung mga sinasabi ko.1.the CEO wants you to break into a computer suspected of leaking out info to other companies.2.based on your job description, you have no legal privilege to do it, and normally you are not authorized to do it in any case3. the only reason they asked you is because you can my answer:1. have the order in written form and signed so you have proof na hindi ikaw ang nagkusang gumawa noon2. if you have the proof, then do what they want you to do under their supervision. nandun sila habang ginagawa mo yun3. after you get the info you need and the job is done, include it in your job description and ask for a raise (hahaha) ethical hacking pa rin in my opinion kasi you did it for a greater good. Quote Link to comment
average_jo Posted August 13, 2012 Share Posted August 13, 2012 Hello Guys, To put it in simple context, it is hacking but with permission. Permission from whom? Can be IT Manager, Can be Owner of the company, Company Director, CEO, COO, CTO or CIO or whoever has the right or authority to order the execution of such activity. Sa course ng Ethical Hacking, ang unang binibigay is waiver or some form of document para hindi sa iyo mapunta ang sisi. If the CEO, wants you to do it, without paper then it might fall between the thin line that separates it. Again, if it is for some personal gain it falls under hacking, if it is to ensure that after the testing we can secure the information or the network then it goes to hacking. It can go around depende kung paano mo titignan. But, again dont let yourself to be the escape goat in the end. It is much better that you have agreement and everything in black and white. Quote Link to comment
JayZip Posted August 13, 2012 Share Posted August 13, 2012 ^ Thank you so much for the clarification guys.I apologize if I was being stubborn and skeptical. Skepticism kinda brings out critical thinking in me and I am trying to draft a security document for the place I work in. Anyways, from what I read eh, waiver it is. LOL. Sounds really ironic and funny that the only thing that can save you is a piece of paper. Quote Link to comment
simplyeric Posted August 14, 2012 Share Posted August 14, 2012 ^ Thank you so much for the clarification guys.I apologize if I was being stubborn and skeptical. Skepticism kinda brings out critical thinking in me and I am trying to draft a security document for the place I work in. Anyways, from what I read eh, waiver it is. LOL. Sounds really ironic and funny that the only thing that can save you is a piece of paper. yup,sa mga ganyan, papel at ballpen ang seguridad. that discipline separates the black hat and the white hats... Quote Link to comment
average_jo Posted August 14, 2012 Share Posted August 14, 2012 ^ Thank you so much for the clarification guys.I apologize if I was being stubborn and skeptical. Skepticism kinda brings out critical thinking in me and I am trying to draft a security document for the place I work in. Anyways, from what I read eh, waiver it is. LOL. Sounds really ironic and funny that the only thing that can save you is a piece of paper. Walang problema Sir. At least we are also enlightened. There are a lot of security documents in the web na pwede mo gamitin. You can check out sans.org or ethicalhacker.net at madaming white papers, security policies etc that you might find useful. Quote Link to comment
simplyeric Posted August 16, 2012 Share Posted August 16, 2012 sana sa MTC may EB din ang mga ethical hackers... i would love to share yung maliit na kaalaman ko to secure our fellow MTC peeps (but dont expect an in depth presentation) Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.