580
My work has a 100% mandatory vpn and mitm proxy for ssl scanning. I just use parsec to view my laptop from my desktop and browse what I want on my actual personal computer
this post was submitted on 22 Aug 2023
580 points (97.1% liked)
Privacy
39526 readers
1065 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
My work has a 100% mandatory vpn and mitm proxy for ssl scanning
These are worse than useless. They are anti safety. If this box or its private keys get compromised ALL tls traffic of all employees is immediately plaintext.
Any company that buys one of these appliances from mcafee or whatever is asking for it (losing most/all their secrets)
That sort of thing is required for a lot of enterprise certifications. When you do work for government, healthcare, banking, etc. stupid "security" is mandatory for checking off compliance requirements. Not that any of it has to be in any way effective...
load more comments
(1 replies)
load more comments
(1 replies)
load more comments
(5 replies)
if you don't have your personal browsing using a private profile of a secondary browser which you know you can delete, you are doing it wrong.
As an IT administrator, if your org has GPOs controlling if you can delete your browsing history or not, there is no chance you will be able to install a second browser without admin credentials.
load more comments
(3 replies)
load more comments
(5 replies)
Not my work.
What are you talking about? They definitely dont see what I browse in a whonix Qube..
Wow, didn't know that is possible. Is it same behavior with other browsers?
Same can be said for any browser, any app, any connection while on the employers network IF they wished to monitor it. Even if you were able to delete all local browsing history and used private browsing, your employer would still be able to know every site you visit if they wished.
If you've authenticated with your credentials on the device, IT is able to see IPs visited and DNS queries and has access to all sorts of network tools to track, shape and otherwise manage your activity.
It's best to assume that nothing you do on your employers network, even when logging into their corporate VPN from a personal device, is private.
I'm always shocked by privacy conscious people who do not have complete segregation of work and personal equipment and devices.
load more comments
(1 replies)