Before you start spending time and money securing your machine, consider this: he has physical access to your workspace and is fully authorized. Suppose you bring your own laptop to work, with Slackware, firewall, AV, encrypted disks, and god knows what else, and make it a point to NEVER leave it out of sight. Then he'll just hide a webcam and steal all of your passwords. OK. And what if you copy and paste your passwords? He will still read your email and will find a way to embarrass you.

I am not saying that the advices above are bad or ineffective. For sure, they will improve your security. But what you really got on your hands is a physical security problem: a guy in a cubicle next to you is harassing you in a childish fashion. A prudent way to deal with this situation may be to get him fired, like others suggested, or to take him out to a bar and make him your friend. The last option also gives you an option of backstabbing this jerk later on. Obviously, it won't work if he is reading this board.

I agree, there is no effective way of dealing with this on hardware or software level. You have to do something about him.

Anyway... This poo-cloud has a silver lining: you killed Windoze and replaced it with one of the best OSes you can buy with money. Congrats, and happy slacking.

2 members found this post helpful.

It was suggested in a recent post here that it is possible to circumnavigate 256 aes encyption on a hard drive by applying a 5 dollar wrench to it's owner until they reveal the password. In the spirit of KISS, you may want to explore the potential of this technique to be resolve other issues. Just kidding of course.

Not one likes whining bitches.
No amount security will help you, if that douchebag can legally and physically access to your computer.
You boss want to fire you, but can't say it to your face (legal reason), so using him to harassing you to quit.
Lawsuit toward giant settlement.

Well.... He, the op, is an employee.
Is he using their hardware? If yes, then it should be use only for work related purposes. I'm surprised they let him take windoze off the machine and install Slackware. Right there that would be grounds for termination. It is probably all spelled out in the work application. Most firms in the U.S. have the right to fire an employee at will. If that was all spelled out in the contract he, regardless of what some worthless attorney might say, doesn't have a leg to stay on.
If there is no contract and/or employment application then it all up in the air.

If you are security person you should set trap and catch him in act to get proof material. If not then only real solution is use personal computer(netbook, laptop) or LiveOS either from one time recordable media(one that can't be burned more than once like standart CD without rewriteable&erase feature to close abilty to modify it on source media) or USB to add documents inside if needed. Then once you leave computer you take that stuff with you and done.

An Slacky installed into 2.5" or even 1.8" USB and/or eSATA hardrive is your best friend in this case, dear OP ...

It is the size of a wallet, or even less. And they can have 80 to 640GB. And the 'real' computer system will be used only as a host and data storage.

#1.) Get another job. You are going to get fired.

#2.) I'm a homophobe too, yet many of my very best friends swing the other way. That doesn't make him a bad dude, and there isn't anything inherrently wrong with someone being a homophobe anymore or less than someone being gay.

Okay, now that's out of the way, the principle of escalation through chain of command is complete within your organization at this point, and it is time to take the matter to the authorities.

If bozo is your security *expert*, whatev... He is in a position of power and authority over you, and as such, this may be a matter of sexual harrassment and other abuse of power issues which federal law (and many state laws depending upon where you are) provides you protection and relief from, under the US Constitution and other legislated acts.

In the United States, there are severe penalties for not only engaging in the type of behaviour this dikhed has subjected you to, but also for enabling this type of dangerous person in his campaign against your well-being.

I hope you have already started firing off resumes, because no matter what the law of the land, they're going to fire you when the knock comes on the door from the process server, or law enforcement officials - maybe not that day, but soon... real soon afterwards.

These people appear to be clueless to what they're going to be held responsible for in the long run, and even once all is said and done and you get your payday, and they their comeuppance, they will have learned nothing - it's a cultural thang.

Back in the day, I hired a kid I thought was sharp, and he did some things to my hosts that resulted in my taking him out behind the building and beating the Jesus out him until he knew for sure he would be fishfood in the Pacific Ocean if he called the cops (Can't do that stuff anymore, I'm a dad now).

A few days later he came back, apologized, and even though I wouldn't give him his job back he showed me everything he had done - I still replaced every single of the rest of the hosts I hadn't already, however.


And if he's rooted your box, and if you posted to this forum from that machine, he's prolly already trolling here.

#3.) In short, unless you follow Eric's suggestion to encrypt your entire /, with the /boot on a USB stick, and secure your keyboard and mouse as H_TeXMeX_H points out, there is no way you can be sure he hasn't pwn3d you.

Sure, set passwords in your BIOS too, and set the interlock switch if your box has one too, and then file charges (criminal or otherwise - you can google that or seek help from a LBGT advocacy group. I have a good friend who is a sysadmin and very active in that arena, and I can put you in touch with her if you pm me or contact me offlist.

Short of that, there's really nothing to keep bozo from booting your box into single user mode, or from an install/rescue disk, installing a rootkit, keyloggers, replacing tools like ps, top, and anything you put there to catch him either.

Most importantly, you are in a dangerous environment not conducive to your continued health and welfare - you need to GET OUT.

I hope that helps

Kindest regards,

1 members found this post helpful.

Start looking for the new job.
In the middle time in additional to already proposed measures I suggest to boot from cd/usb, that you take with you home and never left laying around

FWIW there's also

tripwire

http://www.tripwire.org/

How about wireshark so as to know what all protocols and etc. are on the network (you might catch him at trying to crack into yours via the network).

There's security/forensic distros on live cd (it sounds like he already may be using these).

Label a few cd disks with some of the name(s) of some of these type of distro and accidentally leave disk laying around ??

Interesting thread.

How to detect keyloggers? A quick search of the web shows lots of discussion, both for Windows and Linux based systems.

To the OP:

You haven't provided sufficient details to allow others to help you in a meaningful way. Instead everybody has to speculate about your options. You did not provide a general geographical location so others would know what general rules of law and jurisdiction apply. One of your posts imply the United States but you did not say for certain.

You mentioned moving the mouse pointer. That means the nutcase is using remote control software to access the computer you use. If the computer is your personal property, then disable the ability to connect through remote control. If the computer is not your property then you cannot stop remote control access because the nutcase can log in at that computer with administrative permissions.

Passwords at any level are easily bypassed. As mentioned, encryption might be your only hope. Yet just as you easily wiped the hard drive to install Slackware, nothing can stop the nutcase from wiping Slackware and installing Windows. Bear in mind that trying to control any computer in such a hostile environment is practically impossible.

If your location is within the megalomanical location known as the United States, then I suspect this nutcase (and the business owners) are violating several statutory laws. In any environment, prudent usage of remote control software is required. Any usage of another computer through remote control software without a record of that usage, such as a help desk ticket, negates any effort of accountability.

Deleting an operating system simply for the sake of a prank is deliberate destruction of any ability for accountability. I would be surprised that any IT person in any company is allowed to maliciously tamper with computers in such a manner.

Bottom line: If the owners overlook this behavior then you are up the proverbial creek without a paddle.

Some fundamentals.

If the computer you use at this place of employment is owned by the business owners, then you have little to say about the maintenance of that computer.

If the computer is the property of the owners and they allow you to install any operating system you desire, you still have little to say in the maintenance of that property. The owners only have provided you permission to install your choice of operating system.

If the owners have not provided you permission to install your choice of operating system then possibly you have set up yourself for termination by installing an unapproved operating system.

If the computer is your personal property, then you have standing to protect that property. Take whatever action you deem appropriate for that computer. Consult an attorney too.

Perhaps this company is very small, say with less than 10 employees. If that is the case then possibly the business owners have no formal IT policy. From your limited description, the owners trust the nutcase in all things IT related. Once again, you are without a paddle.

In the end, if the business owners are comfortable with the behavior of the "fairly psychopathic and untrustworthy person," then you have three basic choices. If the computer is owned by the business owners then go with the flow or vote with your feet. If the computer is your personal property then consult an attorney for options. I suspect a reasonable attorney will tell you to vote with your feet.

I understand the economic situation and finding a new job might not be palatable. The simple fact that the owners allow this behavior is a little more than curious. I would not want to be in that environment.

One way or another I'd consult an attorney. There might be more going on than you think.

If the computer is not your personal property, and you decide to vote with your feet, then do everything possible to leave a good trail why you are leaving and ensure the computer is restored to original condition as best as possible. Otherwise you could be accused of maliciously tampering with the property of the business owners.

I believe your referring to this xkcd

To the OP, report them to the government authorities (It may help if you can get proof of him interfering with your work), and find a new job.

This takes the entire computer element out of the equasion.

1. Pour some sugar in his gas tank (liquid tide works the best, the car will start and he will start to go down the street, nothing but bubbles are going to come out of his exhaust rendering the car a total loss)

2. If his car takes regular fill it up with some diesel.

3. Find an ambulance chasing attorney to sue the shit out of him, and the company for condoning this type of environment.

4. Find a way to get fired and collect unemployment.

5. Find a new job.

I say give him complete access. Start logging in under a user named "Public User" and then don't put anything personal/interesting on the computer. It'll be real boring when he has to look through logs and all they find is work. Duh, winning.

Alternative: remove the hard-drive and run your OS off a portable thumb drive and take it with you. Then put a boot password on the bios. Should keep him busy for a while...