If you work for a company that's bigger than a mom and pop, chances are very good that your IT department has this same level of access to any computer used in the organization. Huntress is basically an outsourced portion of the IT department for smaller companies that don't have their own 24/7 security team. It's a pretty common thing, with many vendors offering this type of service. Your work computer may have a similar product/service installed

▲

ctoth 3 days ago | parent [-]

This makes total sense.. Except who is the SMB in this case? It sounds like the person just downloaded this off the Internet, it wasn't pre-installed by IT. So it sounds like Huntress has full and complete access to whoever downloads their software to try it out/demo it... and aren't afraid to use this access for their own purposes/just do a bit of poking around because why not? When a hostname matches?

▲

viccis 3 days ago | parent | next [-]

Reminds me of when a Hostgator employee told me on reddit that he liked digging through peoples' websites and chatted with me about the stuff I had hosted on my website.

▲

Sophira 2 days ago | parent [-]

That's potentially different, to be fair. Websites are generally made with the intention of making them public, and unless you're digging through stuff that hasn't been made public, there's nothing wrong with browsing your customers' websites and talking about it. (Of course, maybe that's what the Hostgator employee was doing - in which case, shame on them.)

On the other hand, I'm pretty sure that the person who installed Huntress did not intend to upload any info at all, let alone to have that information made public.

	▲	viccis 2 days ago \| parent [-]
		No he was digging through my FTP contents that weren't publicly viewable.

▲

spogbiper 3 days ago | parent | prev [-]

yeah i don't know about the legality or morality of what huntress did here. i just know these types of products/this level of access are very common