October 01, 2005
My fiancée's IT department has recently become concerned with spyware for the first time, installing about 5 anti-spyware programs on her company-owned laptop. One of them, the (IMHO) poorly designed ewido security suite [sic], flagged some Mozilla cookies as "spyware." The IT guys, who have not heard of Mozilla, have basically freaked out and told her she has to remove it. I disagree with this prescription, because: 1) Cookies aren't spyware (or in fact any sort of "ware" at all). 2) Using Mozilla (as opposed to IE) is likely actually making her PC, and the corporate network it's sometimes a part of, safer. 3) A number of Internet Explorer cookies were also flagged, but no remedy has been deemed necessary for that. 4) My fiancee likes Mozilla, and she doesn't want to get rid of it. We realize that it's their PC, so they have the right to make whatever foolish decrees they wish. But we'd like to try and talk them into changing their mind on this one, because it's a genuinely bad idea that won't make anyone safer, happier, or more productive. Any tips? Anyone else ever face the same situation successfully?
-
If they had not heard of Mozilla before, good luck. The only thing that I can think of is providing them with copies of articles from reputable sources stating that Mozilla is a good choice, and will make their job easier. This is one such article from the WSJ.
-
An IT department that has not heard of Mozilla? I'm stumped.
-
The IT guys, who have not heard of Mozilla OMG, are you kidding? I hate to say it, but if this company can't hire competent people (this indicates they have not lifted a finger to keep up on IE security issues) this could be a losing battle.
-
They're IT people and have never heard of Mozilla. They're IT people and have never heard of Mozilla. There is no hope in a battle against this level of incompetence. And yes, it is incompetence. Your fiancee is better off not making a reputation for herself as a troublemaker.
-
loto: Good thought, perhaps we'll collect some more articles like yours for the benefit of the IT department. chimaera: Yes, that possibility is very much on our minds. It's a big company, and the IT policies are handed down from the high priests in another state. Yes indeed, the IT guys didn't know what Mozilla was. This shocked the two of us as well. My fiancee does not work in a field that's even remotely related to IT, yet she's savvier than at least some of the IT folks at her company. I was tempted to dump a huge pile of scorn on these particular IT people in my original post, but refrained in the interests of brevity. I could go on and on about the things I was called on to fix on her laptop that IT had mangled. They have frequently done things that might make one believe that they're not merely inept at IT, but that they're basically a little slow in a more general way, too. For example, the anti-spyware packages they're forcing down everyone's throats are in some cases clearly "licensed for personal, non-commercial use only." I don't think it should require much savvy to see a problem there.
-
There's an angle there, Lagged2Death. You can report the company to the state for violation of software licensing. You can be a 100% anonymous whistleblower in California, for example. And that might wake up the stuffed suits to the fact that their CIO/CTO is not effectively managing their organization.
-
My thoughts: Option 1: get rid of Mozilla. Run Firefox Option 2: remove IE. Rename Mozilla.exe to IExplorer.exe
-
Not only are they "IT" people who have never heard of Mozilla, but they're "IT" people who think cookies are spyware. (Scare quotes because it doesn't sound like they're at all qualified.) And they think that throwing on as many anti-spyware programs as possible, instead of finding one or two good ones, is the answer to their problem. Good luck educating them about anything. Also, you'd probably have the same problem with Firefox. Anything that doesn't say Microsoft will raise a red flag for these dimwits.
-
Calming IT? Do you have a thorazine dartgun?
-
chimera: That's a good notion, and bears investigation. That's a long-term thing, though, and I'm looking for something that will keep them from meddling further on Monday. MCroft: Firefox's greater name recognition might be a plus, but we do actually use the extra Mozilla suite components. I really like the idea of cloaking the program a bit. It probably wouldn't have to be even that well-hidden to fool the people we're dealing with. We could call it "MegaCorp Financial Defrabulatron v6.0" or something, and they'd probably leave it alone. Koko: To be completely fair, ewido identified the cookies (explicitly, incorrectly) as "spyware" and the IT people merely believed it. Which admittedly is only marginally better. It could be that IT's marching orders are a little simplistic - to ensure every PC gets a 100% clean scan with all 5 of the malware scanners, perhaps. Although one would think an exception would have to be made for IE. Thorazine. Hmm. Would a box of donuts absorb much thorazine?
-
I'm with the "Abandon all hope" crowd. I've dealt with IT departments that clueless, and they are utterly intractable. Mainly because they're a bunch of scared little boys operating solely out of manuals, but who will be held personally responsible if anything malicious were to breech the network. I'd advise giving up the Mozilla because if anything - and I mean anything - goes wrong on the network and she has ANY connection to it at all, they will attempt to put all the blame on her.
-
I'm with everyone else. As an IT Monkey myself, wondering how is it possible the IT Department has never heard of Mozilla? Um, WTF? I think someone is just lying - perhaps scared they may have to support something that hasn't grown out of Redmond? Anyhow, I would say keep using Mozilla/Firefox unless she gets a specific direction from IT or the Network Administrator that it is forbidden. Then have her load her Firefox profile from a thumb drive. No need to worry about deleting cookies or bookmarks from her laptop, that way. I think you can also run the whole browser from a thumbdrive, though I've never tried it. Tracking cookies can be considered spyware - or I guess more correctly, files used by online spyware. The IT guys, who have not heard of Mozilla. Man . . .You should also show them this cool website at slashdot.org. Then again, perhaps they have never heard of "Linux" either.
-
You can try to download Netscape 8 since it has been around for quite a long time (and is based on mozilla). Otherwise, get Portable Firefox which can be run from a usb drive and doesn't leave any tracks behind.
-
Scott Berkun, who worked on the UI for Microsoft's Internet Explorer, has switched to Firefox and tells why.
-
It doesn't surprise me nearly as much as everyone else that there are IT people who have never heard of Mozilla. There are, basically, IT people, and then there are people who know about IT. In the best of corporate environments, the correslation between these two groups is 1-to-1, but I've worked in enough large companies to dread the ignorance of the generic heaving psychopath [1] that gets sent around to reformat your harddrive because your spellchecker has stopped working. This, of course, will be the same person who will freak out that you've installed a non-Standard-Operating-Environment browser on your machine, and who will be using multi-million dollar computers to play the latest version of Doom against a group of 12-year-olds in Germany on company time on those few unpleasant occasions when you get a chance to visit his work environment. More to the point, some or many IT people evolve into the sector from within a company, so the only environment they get any in-depth exposure to is their SOE, and thou-shalt-not-question-it, because, just like everyone else, they hate having to say, "I don't know." [1] Who thinks the fact that he can barely communicate in English outside of sullen grunts, but that he knows how to speak Klingon [2] makes him amazingly cool and intelligent [3] [2] Which, come to think of it, sounds like a language strung together of little more than sullen grunts. [3] And, what the hey, maybe it does...
-
i don't know this ewido security suite, but cookies do raise privacy concerns and can be used for nefarious purposes. your fiancee has my sympathy, l2d. i recommend portable firefox.
-
I think you can also run the whole browser from a thumbdrive, though I've never tried it. I have. Works great, including plugins. portablefirefox.mozdev.org is the officially supported package. Thunderbird as well, if you're interested. Running it as IMAP works best, POP3 will want to make local copes which will increase read-write cycles and thus decrease your thumb drive's lifespan. So, uh.. What's in Mozilla that you can't add back in to Firefox as a plug-in? If it's just the more functional sidebar bit for example, ez-sidebar gives you back the "F9 opens or closes it, you can add panels all you want" bit that I missed when switching from Mozilla to Firefox.
-
portablefirefox.mozdev.org is the officially supported package. And I'd run it in a heartbeat, but my IT guys won't let me use my thumbdrive. Which I can sort of understand, but it still irritates me.
-
I recommend threats of violence.
-
Thank you all so much for all of your suggestions! We'll definitely give portable Firefox a try, since we do have a thumb drive to try it on. I've also cleaned up the Mozilla cookie situation, clearing out the offending cookies and switching from "accept all cookies" to using a cookie whitelist. The anti-spyware scanners don't see anything to complain about right now; maybe that's all IT is really after. As to my preference for Mozilla - maybe I'm just set in my ways. I've tried out every major milestone build of Firefox since about 0.6 or something (I've got the 1.5 beta installed right now). Every time, I use Firefox exclusively for a few days, then end up coming back to Mozilla. There's always one or two nitpicky little things that annoy me about Firefox.
-
Actually the rename firefox.exe to iexplore.exe might be enough to defeat these clues IT drones. Their logs probablyonly identify the program generating the alerts by name. If they see that is "iexplore" that is generating the alerts they may just ignore it.
-
And I'd run it in a heartbeat, but my IT guys won't let me use my thumbdrive Ghostzilla will run off CD if that helps you out.
-
Nope. Damnable net appliances instead of computers at our workstations. No drives at all. Handy little USB ports right there in the front of the brick, but as inaccessible to me as the mysteries of scrotal shaving.
-
Just in case anyone stumbles on this old post, I thought I'd follow up. We did decide to use Portable Firefox and Portable Thunderbird on her USB flash drive. This way, she can say (with perfect honesty) that she did remove the software she was ordered to remove. We set up Firefox to reject all but specifically-exempted cookies, so its unlikely any future scans will turn up errant tracking cookies again. We've also applied a very thin disguise to the icons by renaming them to something that sounds vaguely job-related. So far, things seem to be working quite well. Thanks much for all the suggestions, everyone!