Skip to main content.
Sunday, July 23rd, 2006

My New Computer – Chock Full with Big-Brotherware

I’ve been trying to be real good with my new work computer – I got it on 07 June, and there’s all kinds of things that I haven’t installed on it that I used to consider basic necessities. Hell, I haven’t even installed Mozilla yet; but this restraint has given me the chance to try out Internet Explorer 7 Beta 2, which I don’t loathe nearly as much as I expected to.

All this because I wanted to start out on a new slate with corporate IT. My old computer probably had too many applications loaded up on it for their liking, but I enjoyed some benefit from grandfathering – I’m sure they considered it their predecessors’ mess. Of course, also, none of it was malware – I was scrupulous about keeping it clean. But this time I was determined to try and follow all the rules, and I’m sure a lot of my obstinacy was aimed at making a point about how stupid I thought some of the rules were – but I’ve come to realize that the rules are not going to be changed any time soon, because everyone is either totally ignoring them already, or no one is installing additional software on their work machines.

But I can’t get too much on a soap box about all this – I’ve actually started to develop some friendly relationships with several of the IT support people, and even if it isn’t them that are dropping in on my blog every now and again through company servers, I feel I have enough of a relationship with them now that if I have something critical to say, I should be saying it to their faces. There is also a delicate balance to be maintained just because our IT got outsourced – so the people I deal with actually have two masters, and I can’t get too ornery without sounding unappreciative of their support.

But I have come to realize that there are some profound philosophical differences between not only our current crew and me, but with my old IT friends. Apparently, it’s gospel to IT departments that users are somewhat akin to sixteen-year-olds that have just been entrusted with the keys to the family car – there is an obvious need to compel them to allow us to use this equipment, but they know we’re just so hopelessly inept that it’s a miracle any day we don’t break something. Which brings me face to face with that great indignity, big-brotherware.

I suppose a lot of users aren’t even aware of the AssetMetrix agents that are lurking on their computers, but they probably notice little things they can’t do because of Group Policy. I’ve studied both with some interest, but today I learned something new. I was working at home, trying to troubleshoot what has gotten to be very intricate VBA code, when every few minutes my computer would lock up for 30 seconds because something was trying to open up Outlook (which doesn’t work too well when it can’t contact the Exchange Server), presumably to send out an email. I wondered whether I has making coding errors that were somehow issuing OLE calls; I scanned for spyware, even though I doubted I could have picked any up with my habits; and I sat and watched the activity of the processes though Task Manager, but I couldn’t see what was happening. So I broke down and warmed up Sysinternal’s Process Explorer, and found the culprit – it was one of the agents of the Windows Management Interface, wmiprvse.exe.

Now I have no clue what the WMI thought I was doing that merited a call home on a Sunday afternoon – I deleted the wbem logs after they showed up in SpyBot. Hell, I had never heard of WMI, but its description – “a common interface and object model to access management information about operating system, devices, applications and services” – and it’s deployability – through scripted events, or by directly interrogating the client machine remotely – is just chilling to me. I mean, what do they need to know so bad? I see in my router logs that the computer contacted my local office server through ports 2967 and 38293, and then it LDAP’ed every server in the network. Was it squealing on me because I didn’t like the Group Policy and gave myself an extra ten seconds of reaction time after my screen saver kicks in to avoid having to retype in my password? No, I suspect it was just a pervasive climate of constant monitoring. I don’t know what they can do with all those reports – surely there isn’t someone sitting around scanning for the yahoo who thought that he really needed that emoticon toolbar that came packaged with VX2. But I’m supposed to write up a request to justify installing say, the Gimp, on my computer. Why, you ask? Because it’s free, and I can use it! And it’s open source and clean, and it isn’t going to connect to some media server whenever I open it it up, checking for “updates” (see my Update or Die semi-rant), but mostly to download advertising to my desktop.

I would have been using my home computer, but it was tied up a lot today as Partition Magic was shuffling things around to generally make space, and I was setting up a TrueCrypt strong encryption volume – not that I really have anything that private, but it would be fun to watch the forensics people sweat it out if they ever did want to get in.

Posted by Greg in Networking, Software


This entry was posted on Sunday, July 23rd, 2006 at 23:51 PST and is filed under Networking, Software. You can follow any responses to this entry through the comments RSS 2.0 feed. Both comments and pings are currently closed.

2 Responses to “My New Computer – Chock Full with Big-Brotherware”

  1. Choco says:

    Seriously some organisations should spend way more time in making good coded programs and use old fashioned interviews to figure out how to update and improve their products. Rather than checking your system they should produce platform irrelevant perfect code that doesn’t care. Call me simpel, but I really get tired of “some” vendors spying/updating/retrieving info and delaying an eventually degenerated malware CMS… (if you get my drift)

  2. Choco says:

    ps you’re so right.