Here's a tip for the unwary...
I was browsing through the sites that other users had been to (as one does) while waiting for my delayed flight out of ORD. I found one that I thought looked interesting and it happened to be the personal Outlook Express email account for some Sales turkey with a big name Insurance Account out of the UK. :shock:
Now I figure his company has set him up to be able to logon anywhere without carrying a laptop with him. I took a note of the URL and tried it from my own laptop but it came up with the system asking for a username and password but my own experience with this windows "security" :? system is that once you logon you don't have to do it again while the browser is still going. In this case, when I accessed the lounge PC, Internet Explorer wasn't running & I had to click on the icon but it must have been still running in the background for this to have occurred.
So what did I do?
I accessed his Appointment section, set the alarm, blocked out a two day appointment and wrote him a detailed note telling him that his company has compromised his personal & confidential files by not taking this type of event into account. I also said I'd try to bury his URL as deep into the PC memory as possible (because the PC security wouldn't let me delete it).
Now the company I work for does a similar thing but I need to have a VPN loaded onto the PC and it is such a fickle process that you can only run it on a personal laptop.
All I can say is "BE AWARE"
I was browsing through the sites that other users had been to (as one does) while waiting for my delayed flight out of ORD. I found one that I thought looked interesting and it happened to be the personal Outlook Express email account for some Sales turkey with a big name Insurance Account out of the UK. :shock:
Now I figure his company has set him up to be able to logon anywhere without carrying a laptop with him. I took a note of the URL and tried it from my own laptop but it came up with the system asking for a username and password but my own experience with this windows "security" :? system is that once you logon you don't have to do it again while the browser is still going. In this case, when I accessed the lounge PC, Internet Explorer wasn't running & I had to click on the icon but it must have been still running in the background for this to have occurred.
So what did I do?
I accessed his Appointment section, set the alarm, blocked out a two day appointment and wrote him a detailed note telling him that his company has compromised his personal & confidential files by not taking this type of event into account. I also said I'd try to bury his URL as deep into the PC memory as possible (because the PC security wouldn't let me delete it).
Now the company I work for does a similar thing but I need to have a VPN loaded onto the PC and it is such a fickle process that you can only run it on a personal laptop.
All I can say is "BE AWARE"
I think the said executive should buy you a drink.
