Moved to http://adventuresinnetsec.blogspot.com/2016/06/computer-locked-up-spoolsvexe-using-100.html
Once again, my great state of Maine comes up with another brilliant big-brother law: add computer techs to the list of “mandated reporters” of suspected child abuse. State Senator Bill Diamond (D-Windham) and Know/Lincoln/Sagadahoc/Waldo County District Attorney Geoffrey Rushlau both seem to think this is a no brainer.
My question to them: Are either of your smart enough to repair your own computer? My guess is NO, either because you aren’t technically savvy enough, or you aren’t smart enough. To be brutally honest with you, I’m really starting to think 95% of the Maine legislature and 99.9999% of state appointed employees aren’t very smart lately. But I’ll stop there before I digress into hard-core rant mode.
There are several problems with your scenario of a computer tech being a mandated reporter.
First, it seems you have an exceedingly broad definition here…or an exceedingly narrow one. Does “computer technicians” include anyone working in the IT field (network admins, system admins, database admins, programmers, developers, etc.) or simply those who build, repair, maintain personal computers? If Maine goes with the broad definition, then who do they plan on paying for all this? If we go with the narrowly defined version, I think you can expect to see a drop in the PC repair revenues as I’m certainly not going to let someone called a computer tech in Maine touch my computer other than me.
This brings me to my second point: I don’t have anything to hide (a couple of my good friends are cops, and they use my computer all the time without worry). However, I keep all my family pictures on my computer. Who has the right to make a judgement call on the context of a picture of my step-son running around the house butt-ass naked when he was three? Could that be considered abuse? I would be some big money on someone eventually having their life ruined for just such a picture getting in the hand of an over-zealous “computer tech.” I hear horror stories all the time of people taking their children to the ER for legitimate injuries who end up getting visited by a social worker or the police, some of them even losing their child, all due to a doctor or nurse who just couldn’t fathom who could let a child get hurt. KIDS GET INJURED EVERY DAY! I couldn’t list the number of injuries my brother and I had when we were kids: a hammer claw to the skull, sprained/broken appendages, cuts from a broken wiffle bat across the face, a burn to the chest from an iron being pulled off the ironing board, and my personal favorite – 2nd degree burns to the hands and arms after lighting a plate full of rubbing alcohol and then trying to pour it down the sink WHILE STILL ON FIRE! And each and every one of these accidents were due to our own stupidity/ignorance/arrogance (take your pick). We got lucky – we grew up before the Maine Nanny Program passed. On the other hand, I can remember one incident where my ex-wife’s youngest pulled a hot iron down onto his chest resulting in a first degree burn. She was harassed in the hospital and then later in her home by two DHHS visits. WHAT A WASTE OF TAX PAYER MONEY! Not one of these people harassing my ex bothered to ask her the context of the incident – the fact that she was ironing clothes with a two year old running around and turned her back for less than a minute. Who has the right to say that picture of my step-son naked from when he was three or four is porn? What qualities would make it porn? Would I give it out to Herbert the Pervert? Hell no! Would I give it to his grammie? Well of course! It’s not indecent…at least not until my step-son is 17 and brings his first girlfriend over…time for mommy to bring out the photo album!
(Don’t get me wrong here – more protection for children is great – but it should be done by people who have RAISED children, not freshly graduated kids themselves. Ok – enough of a side rant…)
Being a computer technician is very, very different from being a doctor, nurse, police officer, or paramedic. When these professions get involved, they normally have direct and specific evidence of an injury that could be considered abuse. And they have professional knowledge of what injuries typically only happen because of abuse. As a “computer technician” in the strictest sense of the term, we get a computer that needs to be fixed, typically for reasons completely unrelated to child abuse. Most problems don’t require the tech to dig through the hard drive looking at each file. To be honest, if I could any one working on my computer digging through all my files, I’d probably smack the shit out of them followed by an invasion of privacy lawsuit. One important exception to this is setting up a backup for a customer. You do need to look at some of the files to ensure the backup solution is working as expected. Even then, I’m not digging through every file. If I stumbled upon a questionable file, I would honestly say it would have to be pretty explicit before I reported it to the police. And I don’t need another stupid state law “forcing” me to do so. I’ve personally been in this situation more than a few times (no child porn thank God!) and it’s very sticky. I’ve stumbled upon files which violate internal company policies before – do I report them? If it’s an egregious, blatantly repeated offense of company policy I have no problems turning the matter over to HR. Do I go out and purposely scan the network for porn? No way – it’s a complete waste of time.
Now I get to my last point – how in the hell do Sen. Diamond and Dist. Attorney Rushlau intend to enforce this law? The evidence is cut and dry with most healthcare and law enforcement cases, and its often quite visible through physically injuries and psychological characteristics. How is anyone every going to know that I found what may or may not be child porn on someone’s computer if I don’t report it? If it is child porn, and later on this guy gets arrested, how will you ever know that I actually looked at the file when I worked on his computer two years ago? Personal computers typically don’t provide any kind of an audit trail like this, and if they do then it would be exceedingly hard to dig through all that raw information to find one specific incident of me looking at that file (if it even exists, as I probably used the computer under the owner’s credentials anyway). Wouldn’t the state’s resources be better spent digging through all the evidence on a suspects computer looking for the sources of the porn? Who took the pictures? Who sent the pictures? Where did they come from? And can they be shut down, arrested, shot/killed, etc? Those are far more important issues than finding the one tech two years about who might have been able to report this as porn.
If you want to read more about this, see the Bangor Daily’s article about it (and read the comments too!). Are you a Maine resident and want to tell your representative what you think? The state senate’s email list is here (may be out of date), and the house’s list is here. You can also send your views to Governor John Baldacci here (web form). Let them know what you think.
Other news articles on this:
Moved to http://adventuresinnetsec.blogspot.com/2016/06/remotely-changing-outlook-exchange.html
Moved to http://adventuresinnetsec.blogspot.com/2016/06/error-object-required-when-user.html