when I browse from a flash drive does the cache store on the flash drive or the hard drive?
there are a few pages I go to that arent exactly worksafe that I would like to be able to check out from the work pc but only if it remains “clean”.
no I aint talking porn here but S*P isnt exactly work friendly.
http://www.somethingpositive.net/ for those wondering and no its not 100% worksafe.
If you’re using Portable Firefox, it has a default zero cache, so it’s not stored anywhere. You should note, however, that even without a cache, anything you view can still be seen by your IT department when you’re on the company network.
ah very cool, I meant to add its a laptop. never hooks up to the company network at all. as it may not be “My” laptop forever I would just as soon leave it totally clean.
Hate to be a party pooper, but the answer is no, you cannot surf anywhere without IT knowing about it. I work in IT, and from my desk I can see anything going on with any machine in my network. I can control the mouse and keyboard if I choose too. I have niether the time or desire to monitor any machine on our LAN, but can do so at any time. I can turn the computer on or off without entering your office. It makes fixing things easier, I can do it from my desk, not walking all the way across campus to click an icon. The fact is we can do it. Every new employee is told up front that “Puter belongs to us, and there should be no expectaion of privacy.” As I said we have more important things to do than watch specific users, but if administration ordered us to raid a certain person’s puter, I don’t know that we would have any choice (it has never happened). It has happenned that in the routine management of the local network we have stumbled upon a person using the computer in a way not considered appropriate, it is unwritten policy among us techs that we just give them a call and suggest they re-read the acceptable use policy, and promptly forget the whole incident.
my laptop is used in my car and in various classrooms I would be impressed as hell if IT could take control of my laptop while I am surfing from outside starbucks 20 miles from the main office.
If they wanted to, they certainly could. If their laptop is theirs and they installed their own software, they can monitor or control the laptop anytime it’s connected to the Internet. Company network or global Internet, it makes no difference as long as they have the right software installed.
Alternatively, they can record everything you type and/or take screenshots at calculated intervals and/or record all network traffic and then store all the records in a hidden location until they get their computer back. Cache or no cache, if the computer is theirs, you should have no expectation of privacy. But like seenidog suggested, whether they’d actually waste time monitoring YOU in particular is a different question. It’s probably no big deal unless they’re amassing evidence to build a case against you for some other infraction, but then again, every company’s different so YMMV.
Out of curiousity, Reply, remote control aside, would such keystroke-monitoring/screenshot-taking programs be visible as running processes in Windows, or would there be a much more subtle way of doing it?
They are usually visible in the process list, but they’re not always going to be called something obvious like “KEYSTROKEMONITOR.EXE”. They could be one of the SVCHOST processes or something similar that Windows normally runs. Alternatively, instead of running as a separate background process, they could infect other programs and only run with them; for example, a logger could attach itself to Firefox.exe and only run when Firefox is active. That’ll only capture keystrokes while Firefox is running, but use your imagination a bit and it’s easy to see what other innocuous programs the logger could run as.
And that’s the sort of stuff any 13-year-old “script kiddie” could do with freely downloadable software. A few clicks and any formerly-safe program could be turned into a keylogger/remote control program. I used to use something similar to prank a friend: I’d call him on the phone and then randomly open and close his CD-ROM drive and display, er, “questionable” images on his screen… heh heh. You should’ve heard his howls over the phone as I reworded his sentences for him as he typed 
But anyway, that’s the really basic stuff. I don’t know much beyond that so I can’t say what actual hackers are capable of, but I can offer a few guesses. For one thing, they could replace the task manager (the process lister) with one of their own creation; it’ll look and function exactly the same way but show one less process (theirs). Or they could make their logger shut itself down whenever the task manager shows up, only to reappear when another infected program launches or when the system reboots. Or they could make a custom keyboard driver that monitors input. Or they could modify some other integral part of Windows; or they could use a hardware keylogger (on a desktop, it’d be a commercially-available dongle between the keyboard plug and the USB socket; in a laptop, it might be a little chip embedded between the keyboard and the motherboard); or any one of a million other possibilities, and that’s just the stuff I can personally imagine.
The point is that it’s not really about the software or the computer, it’s about the human behind the screen. It’s a matter of how much you know versus who you’re dealing with and how good they are. If you’re a regular corporate user and your IT department is staffed by regular folks who just want to remind you to follow the corporate AUP, their monitoring program might be plainly visible, sitting in your system tray and nicely popping up the occasional “Remember, you’re using company equipment. Please respect our internet usage policies.” reminder. If you’re a high-level researcher at a nuclear weapons lab facing up against Chinese spies, your concerns might be a bit different.
if you really wanted to hide it, you could. Task manager only shows that which wants to be seen. The controlling code can be buried in operating system files that are running all the time. I believe that is called a rootkit. In fact one way we find the little trojans is to use a tool that does a memory dump, and compare the results to a known clean machine. It is a little Sesame Street. “Which one of these doesn’t look like the others?” One time we got 365 trojans in a twelve month period. We recycled them into a tire and called it a goodyear! Sorry, it was too much to resist.
For practical purposes, if we suspect a system is compromised we fdisk it and blast a new image on it. We use Altiris, but Ghost (Symantec) and many other commercial packages are available, as well as many open source packages.
Well said Reply. Our program is set to put an eye icon in the systray, and if a tech is logged into the machine and watching the eye blinks. We are not spying, just taking care of business. We usually call the person to let them know we are going to monitor thier machine. If the person is not at thier desk, we leave a message and do what we need to do anyway.
So maybe S*P is interesting to pass the time.
Why take a chance on getting tripped up and get a reprimand or possibly worse?
its not THAT big of a deal. I work with teenagers though and you know damn well that all it takes is one prissy ass drama queen of a parent to blow things completly out of porportion.
honestly running the portable FF is overkill on my side of things, I would just rather leave the thing as clean as I can in the event it gets passed on or somone else needs to use it. some of the peeps we have arent all that bright in the tech department and you know how it is with the ignorant, they will find the direct path to that hidden cookie that opens the first S*P and they will of course do it in the classroom full of kids and then have no idea how to shut it down.
I dont think its a real problem but basic paranoia isnt a bad thing in this case.