Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

To Catch a Snoop - Autorun.inf

Jun 5, 2012 2:57AM PDT

I have an employee that constantly goes through my desk, so I'm told and looks through all of my stuff. None of her co-workers want to officially sign any paperwork ratting her out. What I'd like to do is leave some bait on or in my desk. My idea was to create a DVD with an autorun.inf file on it that just simply copies the another file on the disc to our network drive mapped for each employee to z:. If I come in and that file is on the drive I know she snooped. Or at least, I'll be able to by the time frame narrow down that she took the disc off my desk and put it in hers.

I've made a few DVD's with two files on them;

autorun.inf
and
send.bat (I could just grab any file but grabbed that one.

Both are in the root of my DVD but it doesn't work on any of our XP computers. It doesn't send the file.

INF Below;

[autorun]

copy source=send.bat
destination=z:\send.bat

Any thoughts on either how to make this work or some other options? I also thought about making the autorun send a system message to my computer which would be 'locked' but still receive system messages.

Thanks for your help.

Discussion is locked

- Collapse -
Answer
This can only end badly
Jun 5, 2012 4:50AM PDT

This can only end badly... And for you. Talk to your boss and her boss if they're not the same person. Say you've noticed someone has been going through your stuff, and you've heard from other people it is this person. Let them then either call the person in and deal with it or pass it over to HR. Keep doing what you're doing and you might find yourself on the wrong end of a disciplinary notice/hearing for installing some kind of unauthorized software on company computers or possibly even criminal charges along the lines of illegal wiretapping.

I know we all like to bemoan the bureaucratic red tape, and how we wish we could just get things done, but the simple fact is that that red tape is there for a reason. All those stupid warnings you see on products, like don't use a hairdrier in the shower, are because someone sued after doing that. Same basic principle applies to most HR policies. It's not quite like the Dilbert comic where there's someone in the HR department who sits around all day coming up with new policies just to torment people. Virtually every policy has some kind of an origin in either your company, or several companies in the past, having been bitten in the ****.

So, I cannot stress this enough that you should cease and desist IMMEDIATELY. Hopefully you haven't told any of your coworkers what you're doing, but if you have, make sure to tell them you decided it wasn't worth it. If the company officials aren't willing to do anything, then you can either choose to just live with this person's "habit" or you could risk confronting them, though then they may claim you're making false accusations against them without any proof, that it's harassment, etc. You're kind of in a no-win situation in the event the company won't do anything and others won't come forward to corroborate your story. It sucks, and for what it's worth, I am certainly empathetic to your situation. I'm kind of a private person myself, and don't like people going through my stuff or eavesdropping on conversations... Even if the content is completely innocuous. But this will only end badly for you if you continue, so one last time I will strongly encourage you to stop immediately if not sooner.

- Collapse -
Answer
Doesn't work anymore.
Jun 5, 2012 4:54AM PDT

Autorun has been set to off for years now. But if you want to pursue this, give yourself time to learn more about Windows and programming in general. I find beginning programmers need a re-introduction to search engines.
Bob

- Collapse -
Answer
Absolutely agree with Jimmy
Jun 5, 2012 4:58AM PDT

If you were this colleague's boss or line manager then there might be disciplinary steps you can take, after discussion with your own line manager, but if not, what you propose could turn out bad, backfire onto you.

This is a disciplinary matter and has to be investigated as such, but not by you. Your boss needs to know.

Mark

- Collapse -
I AM the boss
Jun 5, 2012 12:54PM PDT

I am the boss in this group and it wouldn't end badly for me, but in the line of work I am in I need evidence. I have administrative rights on all the computers in our office.

- Collapse -
Then video the area.
Jun 5, 2012 2:32PM PDT

Tape it, record it and you're done.

- Collapse -
Even still
Jun 5, 2012 7:40PM PDT

Even still, I would pass the issue over to HR and let them handle it. I just see this ending in a way you're not prepared for if you try and get a little frontier justice. Especially since, upon reviewing your first post again, you say that your only reason for believing that anything is going on is because others have told you. That's hearsay at best. For all you know these people are pulling an elaborate prank on you. I know you don't need quite the same level of proof as you would a courtroom, but "bugging" the computers at work (without the blessing of HR) just has trouble written all over it when you tell your superiors how you came across this evidence.

Since you're the boss of the group, I would suggest you ask HR to send someone down to have a quick staff meeting with everyone about it. I can empathize with pretty much every single complaint you might raise about this, but the name of the game is cover your ****. Frankly, I'm a little incredulous that the company didn't train you on this sort of thing when it promoted you to a supervisory/managerial position.

- Collapse -
Not asking for HR advice
Jun 5, 2012 9:07PM PDT

[Disclaimer] The following may sound harsh but I am not yelling, not screaming, so please don't read anything more into this post.

OK, you really have no idea how things work in my work environment. I was here on a technical forum asking a question about a technical issue. But since you opened the can of worms I'll explain a few things.

HR would not be someone that would get involved in this. Ours most likely is nothing like the HR you are used to dealing with.

I have a problem employee that constantly lies, but proving that she lies is handled more like an O.J. Simpson trial than anything else and no, there is no union. When anyone here wants to discipline people it goes up through a 'chain of command' from our division up through a few people, in my case 3 more levels. These people almost get to the point of a forensic investigation because they are so scared of offending anyone or lawsuits. As I have done with other problem employees in the past 20 years I always have my ducks in a row and lots of concrete evidence.

I have an entire unit telling me she is doing this, but none want drug into it. I can solve one problem by having them all write paper on this but do not want to then make five problems as all the others will have to deal with this problem employee being around even if she is transferred out or disciplined. So I'm trying to be the good boss and solve the problem with a technical solution while keeping moral for the other members up. If I have no other recourse, I will go that route.

I had placed things certain ways on and around my desk that verified someone is moving items around. Since my problem works a shift all by herself, it is easy to figure out who is moving these items but at this point I can't prove beyond a reasonable doubt, back to the OJ trial, that a mystical smurf didn't do it. Yes it is that ridiculous here.

This led to a video camera placement in my office which proved that she IS removing things from my desk, rifling through my desk, etc. When she finds something such as a CD or DVD she will leave MY office with it and go into the 'common' office area. The giant people aquarium. As this area is common, as well as due to the nature of our job she sometimes changes clothes in there (she shouldn't but again she works solo on this shift AND doesn't listen to reason or direct orders) I cannot video that area which means I cannot prove she is popping my CD or DVD into a computer.

THUS the original query.

Our H.R. and Elite top of the shelf Management do not have a problem with what I'm attempting to do.
It is not our H.R.'s job to investigate these issues, it is her direct supervisors.

Please do not apply your prior job experience to my job. If you wish to share a computer solution then fine, but counseling me on my job is not going to work because I can pretty much guarantee you do not work in my exact situation.

I am not attempting to infect her work station, which would just cause me more grief. If I wanted to cause myself grief I would put a DVD in my pan that would flat wipe her computer when she looked at it, but again, that would cause me a lot of grief in reimaging it as well as explaining that. I am attempting to just prove that she is reviewing content she shouldn't be reviewing on her work station.

- Collapse -
Do what you want
Jun 6, 2012 6:14AM PDT

Do what you want, but you're making a pretty classical blunder of trying to solve a social problem with a technical solution. That never goes well. Look at how well it's worked for the entertainment industry with one DRM solution after another that gets cracked within hours or days of being released. They can't seem to get it through their thick skulls that the problem isn't people downloading pirated copies, the problem is they keep pumping out the same recycled garbage that people are tired of. You've got a similar set of blinders on that is keeping you from seeing the point I'm trying to drive home.

So, go ahead with whatever scheme you have, but do not be surprised when this all turns back on you. Say you successfully plant some kind of monitoring program on the computers, and get evidence that corroborates what you're being told is going on. What then? Presumably to fire the person you have to present the evidence to HR, who is absolutely going to ask you where you came by this information. So then what if someone in HR gets a bug up their **** about you doing an end-run around them, and decides to come after you for some kind of violation of an acceptable use policy for computers, or even some kind of employee privacy policy? Yes, it would be extremely petty and political, but since when has that stopped people? If anything, that's kind of the new norm in at least the US. What happens with our idiot national "leaders" tends to have a way of filtering down to the rank and file. So there's a pretty decent chance that you'll be escorted from the building at the same time as this other person, even though you are without a doubt trying to do the right thing. In several states, if you took Bob's suggestion and set up a security camera, you could run afoul of state laws prohibiting the recording of people without their express permission, because you are acting as an individual, not a sanctioned agent of your employer, and you could possibly be looking at jail time. Sad, but true. Now, if you had the blessing of the HR department, then any blow back would fall on the company and not you specifically. Also, if we go back to your idea of what is effectively a trojan horse, what if you accidentally capture data that is sensitive to the company? Or maybe your program has some kind of unforeseen side-effect that causes all the computers you've "infected" to go down for some period of time... Then when the IT department investigates, they'll find your little program, pin the troubles on it, and then because you didn't have authorization to install this program on company computers, could find yourself in some real trouble. Also, there's the question HR will undoubtedly ask as to why you decided to start spying on this specific person in the first place. If no one else is willing to go on the record about this, that won't look good for you. Even if you catch her absolutely and irrefutably red handed, if I were in HR at your company, I'd start wondering who else you might be spying on without any apparent cause. Take the exact same circumstances, only let's say one of your subordinates comes to you after having done exactly what you're suggesting. Can you honestly say that you wouldn't, at the very least, question their motives? Remember, no one else is willing to go on the record to corroborate this person's story about why they singled out the person they did for their little sting operation.

There's also a big hole in your current attempt at gathering evidence, and it goes deeper than just autorun having been disabled by default years ago. What if she's using a Linux LiveCD? So she reboots your computer, boots off a DVD or flash drive, and runs a completely independent OS instance. The only possible trace of her having even been there would be file access time stamps, but if the filesystem is mounted as read-only, you might not get even that.

No one is disputing that you're trying to do the right thing, so there's no need to get defensive. The problem is just that you haven't thought this all the way through, and we're, or I am at least, trying to get you to think about this a little more thoroughly. Also to point out that technical solutions for social problems never work. I'm just trying to help ensure that you don't end up getting fired for trying to do the right thing. From what little I can glean about you from your posts, you sound like the sort of person I would like to work for. I want to try and ensure there are as many people like you in managerial level positions as possible, and unfortunately that means playing stupid political games.

So if the HR department is kind of useless, I might suggest just having a quick staff meeting. Without naming any names, just say you've had some complaints about personal belongings being rifled through when the person is away from their desk, and if it stops immediately no further questions will be asked. If not, then the issue will have to be turned over to HR for possible disciplinary action. It'd be bluff, but it might work. It'd be better to get someone from HR to give the little speech, and maybe deliver it company wide. That seems to be your other failing, in that you appear to have adopted an us vs them attitude towards the HR department. You can think they're a bunch of incompetent sycophants (or worse) all you want privately, but it would pay to make nice with one or two people in that department for situations exactly like this.