Why YSK: It appears several Lemmy Instances are flagged as suspicious and at least 1 instance intentionally using the name of ransomware. A couple of the big enterprise monitoring suites (Fortiguard, ZScaler) will flag your account and may end up with you being pulled into an office for an explanation, or worse.

TL;DR: Keep browsing to your local instance at work for now.

  • LostDeer@infosec.pub
    link
    fedilink
    arrow-up
    464
    arrow-down
    4
    ·
    1 year ago

    Don’t use company computers for personal stuff, it all gets logged and can be used against you at the very least as evidence that you weren’t working come performance reviews.

    • givesomefucks@lemmy.world
      link
      fedilink
      English
      arrow-up
      223
      arrow-down
      3
      ·
      1 year ago

      It’s fucking insane people don’t know this in 2023.

      Work computers are for work, and pretty much every employer monitors what you do on it.

      • lagomorphlecture@lemm.ee
        link
        fedilink
        arrow-up
        57
        arrow-down
        2
        ·
        1 year ago

        I occasionally click on the little wether icon and see what the forecast looks like. Hope I don’t get fired!

        At my old job we had to research customers which frequently involved looking on Facebook and other sites. I was very intentionally not logged in, which probably wouldn’t work now, and kept any and all searches to items that I could prove were related to a work item. It’s insane that people don’t follow that advice.

        • penguin@sh.itjust.works
          link
          fedilink
          arrow-up
          35
          arrow-down
          1
          ·
          1 year ago

          Things like weather will be fine unless you have an unreasonable boss/job.

          But people should only use work computers the way they would if they knew the entire company was watching a live stream of their desktop.

          Even for working from home, I put my work laptop on the isolated guest wifi because I don’t trust them the same way they don’t trust me.

      • IsoKiero@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        20
        arrow-down
        3
        ·
        1 year ago

        Work computers are for work, and pretty much every employer monitors what you do on it.

        Depends heavily on where you work. My employer don’t track what we use the computers for (of course there’s a ‘TOS’ of sorts which says that it’s company property and should only be used for company stuff) but as long as you are at least somewhat reasonable on what you use the system for it’s fair play. Things like checking your personal email and occasional visit to lemmy/whatever your social media poison is doesn’t raise any flags as long as you get the job done and that’s it. Of course you can’t install anything on the system but as long as a browser session on incognito mode is enough and it doesn’t harm your duties, while technically forbidden, no one really cares.

        And yes, I know this for sure, as I’m one of the guys who enforces the policies for our gear. YMMV.

        • _danny@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Good advice always has its exceptions. But in general you should never use a work device for personal use because it’s very easy for that information to be either compromised and/or used against you.

          My personal guidance is “if you don’t own the device, pretend the owner is looking over your shoulder” it’s incredibly easy for them to install keyloggers and trackers remotely and silently.

          • IsoKiero@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            1 year ago

            it’s incredibly easy for them to install keyloggers and trackers remotely and silently.

            And in here that’s very much illegal thing to do without prior consent from the employee and even with permission it’s requlated on what you can do with the data. Of course companies are permitted to restrict traffic and otherwise limit what users can do on the devices they’re given to, but it’s still illegal to spy individual users and what they do. Strong(ish) worker rights are a very nice thing to have around.

        • klyde@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          6
          ·
          1 year ago

          Then your job probably isn’t that serious then like others where they get monitored.

          • Oisteink@feddit.nl
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            1 year ago

            Intelligent reasoning! Remarkable!
            Here’s another take: it’s all down to the laws you let your law-makers write. If I quit my my boss is not allowed to read through or keep my account active - in their system.

      • wizardbeard@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        22
        arrow-down
        1
        ·
        1 year ago

        Even if you don’t, there’s plenty of different ways to identify a user on company wifi.

        For example, have your cellphone named “Stephano’s iPhone”? Narrows it down to the Stephanos working in range of that access point.

      • Bongles@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        I usually used a VPN if I was on the WiFi. Made me feel better even if I’m just browsing memes

        • Ajen@sh.itjust.works
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Connecting to an “unauthorized” VPN is against IT policy for some companies, especially if your job involves handling sensitive data.

      • smeg@feddit.uk
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        4
        ·
        1 year ago

        Always use a VPN when on a network you can’t trust. There are plenty of free and trustworthy ones you can activate with one click, and then all the company sees is noise.

          • smeg@feddit.uk
            link
            fedilink
            English
            arrow-up
            6
            ·
            1 year ago

            I use the free tier of Proton VPN, it’s been well audited and proven safe!

          • outdated_belated@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Different threat models. There’s the threat of being punished or fired by workplace surveillance;

            Separately, there’s also the threat of some unknown third-party snooping on your data for whatever other reason (identify fraud, etc).

            The post discusses the first and I’d argue that’s more compelling for most people, but the second is also valid.

          • XpeeN@sopuli.xyz
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            RiseupVPN, calynx and protonvpn are pretty great and trustworthy. 2 first ones are non profit based on donations only. And proton VPN is well audited (but require account while the first two doesn’t)

          • ferret@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            Cloudflare’s free VPN is trustworthy and very fast. You don’t get to pick server location though so it is only useful for cases like this.

        • visak@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          If the company owns the endpoint there’s lots they can do to monitor your traffic even with a VPN. For phones if you sign in to work mail with your phone and allow them to manage your device just assume they have control of it now.

          • smeg@feddit.uk
            link
            fedilink
            English
            arrow-up
            7
            arrow-down
            1
            ·
            1 year ago

            Never putting any of their software on your personal device is a good rule in general

              • Ajen@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                And refusing to install your company’s software on your work computer is a good way to get fired for cause.

                But some people have the option to access work email, etc on their personal devices, as long as they install their company’s monitoring/security software.

    • uberrice@feddit.de
      link
      fedilink
      arrow-up
      15
      arrow-down
      1
      ·
      1 year ago

      Depends on your work. I agree with you, but for example my work is different.

      Yes, we have managed devices as well, but my department specifically went for unmanaged devices. Just plain old laptops. Install whatever OS you want, do whatever you want. I only have the base windows install on there for some compatibility reasons, I mostly just use PopOS.

      And we’re also explicitly allowed to browse private content - as long as the work gets done and we stay in budget, do whatever.

      • theDoctor@lemmy.sdf.org
        link
        fedilink
        arrow-up
        21
        ·
        1 year ago

        If you are on their network they can see what you are doing. At the end of the day, the business will protect itself.

        Do what you want at your own risk. But never assume that any company is on your side.

        • monobot@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          1 year ago

          This is so simple, whatever policy they have if something goes wrong they will try their best to find a scape goat.

          Why do you people have phones with gigabytes of daya for?

          Additionally, do your best not to be part of the company where you might get into trouble for just using internet.

        • uberrice@feddit.de
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Of course they can. That’s why I usually use my phone as a hot spot when I’m browsing private stuff ;)

      • ludwig@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Do the other departments use managed devices? IT might get pretty mad if your department went over them and bought computers themselves, lol.

        It’s not optimal from a security and legal point of view.

        • uberrice@feddit.de
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          IT specifically has an option for unmanaged devices, exactly for developers like me :)

          • ludwig@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Alright. Seems reasonable as long as the devices are sandboxed from the company network and resources.

            • uberrice@feddit.de
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              They aren’t, and our private phones are also connected to the network ;)

              But then again, it’s a fairly large organization vpn’d up over multiple locations, with server farms in different VLANs and so on, so the network we usually access when working are in a different subnet.

              I do know what you mean though - it really depends on what the company does. Prior, I worked at a company that developed and manufactured hardware cryptography devices - I learned proper security procedures there :) our ‘actual work computers’ weren’t even connected to the Internet, and the unmanaged laptops accessed the same WiFi guests would access that, well, only went to the Internet. Just wpa2.

              • ludwig@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                They aren’t, and our private phones are also connected to the network ;)

                Why though‽ Most consumer routers even have a guest network enabled by default.

                it really depends on what the company does.

                That’s true, but an attack could probably cause a lot of damage to any company (especially a big one) without proper security. Regardless of what they do.

                Well at least you don’t have to deal with ITs PC policies, which can get pretty annoying. Allowing any device to join the company network seems incredibly stupid though.

                Let’s just hope that none of your unmanaged machines get compromised.

                At my previous company, only domain work computers could join the PC WiFi (with a certificate, so no passwords) and work smartphones could only join the work WiFi for mobiles.

                Private devices and very limited amount of non domain computers were only allowed on the guest network and couldn’t connect to any other.

                The company didn’t do anything special that needed extra security.

    • inspxtr@lemmy.world
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      agreed with the point. However, lemmy might soon be the new reddit for information, asking questions, troubleshooting.

      So I guess a solution for accessing lemmy for such resources on company computer without being flagged would be good, especially this gets a bit more complicated with the decentralized nature of the fediverse (multiple domains of lemmy)

  • Poob@lemmy.ca
    link
    fedilink
    arrow-up
    145
    arrow-down
    4
    ·
    1 year ago

    Browsing personal sites, especially social media, on a work computer is insane

    • XTornado@lemmy.ml
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Insane? I wouldn’t go so far, everybody has downtimes from time to time, unless you are doing something crazy… It is fine.

        • Lobohobo@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Really depends on the place of work. I work in the IT of out company and my PC isn’t monitored. My door is constantly open though and there are a lot of people passing. Me looking at the screen is normal and part of my work. Me looking at my phone is always seen as me not working.

  • stark@qlemmy.com
    link
    fedilink
    arrow-up
    131
    arrow-down
    3
    ·
    1 year ago

    Stay off company resources when using technology for personal use.

  • Powerpoint@lemmy.ca
    link
    fedilink
    arrow-up
    127
    ·
    1 year ago

    Just don’t use a work computer for anything but work. Use your personal cell phone and don’t use their wifi.

    • WildBanjos@lemmy.world
      link
      fedilink
      arrow-up
      46
      ·
      1 year ago

      It constantly surprises me how many people use their work computers as as if it was a personal computer. They’ve got family pictures, shopping, browsing, socials, everything. I’ve tried mentioning before, in a roundabout way, but people really don’t care. And then when they get laid off or quit then they’re shocked as hell once the computer’s remotely locked and wiped and then they make a big stink about how all of their stuff was on there. It’s like what did you expect to happen.

      • BenVimes@lemmy.ca
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        My work phone is specifically partitioned to separate personal and work activities. I can’t even copy and paste text between the two sides, they are so disconnected from each other. This is done specifically so people can use their work phone for personal business without cross-contamination.

        I still refuse to use my work phone for anything but work. I only log into my personal accounts long enough to install/update a few apps from the Play Store that aren’t allowed on the work side but are still useful (MS Teams, WhatsApp).

        Part of that is not wanting to enter a 12 character password every time I want to do anything simple . But the other part is that I just don’t want to mix my personal and work lives more than I have to.

      • Z_Karma@lemmy.world
        link
        fedilink
        arrow-up
        5
        arrow-down
        1
        ·
        1 year ago

        The reason I used to use my work PC for online purchases/personal finances because the network at my employer was much more secure than my home network. But it was a smaller company back then, now that we’re “corporate” (partnered a larger entity) I don’t.

        • Jesus@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          I’ve literally never once seen porn on Lemmy despite everyone constantly talking about it.

            • Jesus@lemm.ee
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              I saw some not long after replying to you. I still feel like it’s way less than people talk about though.

        • joelfromaus@aussie.zone
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          I used to use a VPN on the work wifi and then they began blocking VPN’s. One day my VPN started continuously dropping and reconnecting while on their wifi. Absolutely within their right to do, they need to know what traffic is on their network in case of anything that breaks policy or is nefarious.

          • Darkassassin07@lemmy.ca
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            I haven’t had the time, but I’d like to give Shadowsocks a go and see if that can break out of the vpn blockages.

            The majority of my self-hosted services are vpn access only, and my phone is set to block non-vpn traffic so I notice in a hurry when my vpn drops out/can’t connect.

            /edit: I did give shadowsocks a go. It didn’t get through unfortunately and it’s password auth only, no key pairs or certificates. Got rid of it again.

    • lordkuri@lemmy.world
      link
      fedilink
      arrow-up
      60
      ·
      1 year ago

      I had a lady in the marketing department open a ticket with us many years ago when ILoveYou was running rampant and we had blocked yahoo mail, gmail, etc on our corporate network and she was PISSED because “I need to access that for my other job!”. Yes, she put that in the ticket. That was a brief discussion with her manager and a resume generating event for her.

        • lordkuri@lemmy.world
          link
          fedilink
          arrow-up
          18
          ·
          1 year ago

          Ironically I would have been happy to help her figure out a solution had she not been a complete and utter bitch about it. Instead she got her ass fired for misusing company resources. I suspect her boss was looking for an excuse, 'cause this woman was a 100% Karen stereotype.

    • wizardbeard@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      That only helps if you aren’t on company wifi. Guess it’s time to stop misusing the corporate wifi password I shouldn’t have.

        • Godric@lemmy.world
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          We are, the fucking suites that control management made us make machines that flag any cool websites :"(

      • Final Remix@lemmy.world
        link
        fedilink
        arrow-up
        10
        ·
        1 year ago

        We have a guy who isn’t in IT who goes through Peoples’ email and shit here, so I’m definitely steering clear of their internet traffic here.

          • Final Remix@lemmy.world
            link
            fedilink
            arrow-up
            5
            ·
            1 year ago

            Employer email, employer network, etc.

            Possible and legal, just a fuckin’ scumbag thing to do. Real creepy when he jumps in on an email to reply to something you sent to someone else.

            • Phantom3805@lemmy.world
              link
              fedilink
              arrow-up
              7
              arrow-down
              2
              ·
              1 year ago

              No, if he’s not in IT it should not be possible - I don’t know what email system you’re using but this person should not have the access you’re saying they do.

              I’m not saying it shouldn’t be technically possible (I’m a sysadmin, I know what’s possible in a corporate environment), I’m saying your organization should not make it possible.

              If he’s in some leadership position I’d be looking for other employment and/or reporting that person to your corporate compliance officer if you have one.

              • Final Remix@lemmy.world
                link
                fedilink
                arrow-up
                3
                ·
                1 year ago

                Yeah, well. He’s in admin, and I don’t feel like searching for a new tenured position. I’ll just skirt shit until he’s gone. And by then, keep skirting shit anyway.

    • 🇰 🌀 🇱 🇦 🇳 🇦 🇰 ℹ️@yiffit.net
      link
      fedilink
      English
      arrow-up
      36
      ·
      edit-2
      1 year ago

      I’ve worked a job that required using an app on my phone, and in order to install that app I had to give ROOT ACCESS and full remote control to the IT department and was subject to the same monitoring as when using a company desk or laptop. I just grabbed an older phone I had lying around and used that for work because I wasn’t about to give complete remote access to the phone I actually used every day.

      • Captain_Nipples@lemmy.world
        link
        fedilink
        arrow-up
        20
        ·
        edit-2
        1 year ago

        Fuck that. Our company gives us phones because they know they’re secure. And we don’t use them for anything but work related apps. I still make all my phone calls from my personal or office phone

        I say, “We,” but that’s not entirely true. There are a couple of jackasses that do everything on them, but I assume the company can see it of they want to. So, fuck that

      • Chriskmee@lemm.ee
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        Wait, your job required root access to your personal cell phone phone at all times? So if you were at home off the clock you were still restricted on your personal phone as to what websites you could view?

        • PainInTheAES@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          It’s also a legal issue. If something happens legally that’s work related and your phone becomes part of the discovery process someone would sift through your personal data

          • Chriskmee@lemm.ee
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            I mean that’s one thing to have access as part of an investigation, but to have remote access to it 24/7 seems excessive.

      • leo85811nardo@lemmy.world
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        If you are android, there is an app called Shelter that lets you create customized contained work profile inside which apps can be killed completely until you enable work profile again. This would usually be enabled by certain official app by your employer’s IT policy, such as MS’s Company Policy, so you don’t normally have control over what app to put in the profile, but with Shelter you can pick and choose any app into the work profile freely. If you have other apps you don’t trust, you can also use it to contain them too

      • Serinus@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I use a Pixel 1 for the same purpose. It’s just a couple authentication apps in my case, but I still don’t want their shit on my personal phone.

        Not sure why they’ve got to use proprietary shit instead of just using standards. I even offered my own Yubikey.

      • Captain_Nipples@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        1 year ago

        My work laptop just got replaced, and what’s great is the dock that came with it. It only connects to my laptop thru a USB C. So. Now I unhook my laptop, and plug my phone into it, which uses Dex. It’s like Samsung’s own desktop OS. And I can use my big screens and keyboard and mouse

        I also make sure my phone isn’t using the network cable plugged into it and only use my own internet. I don’t think it’d let me anyways

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          How do you like dexs? Would you consider using it as a daily driver? I mean not having a laptop at all.

          • Captain_Nipples@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Not really. It’s okay for some just casual internet browsing and a few apps that are made for it, and I think you can use Office on it, but I’ve only used it to entertain myself at work. If you had access to a laptop or PC, you can plug a USB cable into any of the flagship Samsung phones and test it out.

            Itd be nice if more people used it though, so itd get more support

            If you’re familiar with Linux at all, there are some versions you can put on a rooted Android phone, and use it like a Linux PC. I never tried it, but I know it was a thing about 10 years ago, and I’m sure it’s still being worked on

    • thomcat@midwest.social
      link
      fedilink
      arrow-up
      18
      ·
      1 year ago

      I’m not personally surfing Lemmy on my work computer, but larger screen + physical keyboard and mouse.

    • Bakachu@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      They might work in a place that doesn’t allow personal electronic devices (government, military, high-security site, etc.).

    • BlinkerFluid@lemmy.one
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      I worked for a small earmold company that made hearing aids and plugs. The PC I used had zero security. I decked it out with every possible imaginable tool to make my job easier, even had it where I could vpn in and do work from home, and while I didn’t utilize this feature, the ceo’s son did after I told him about it for a few weeks after I quit.

      Our HR manager constantly asked for email counts each day, so I automated a spreadsheet for her. I set a webcam up in an office with a laser engraver so I knew when the staff would put molds down for engraving without being in the room. I had syncthing cloning directories and a virtual desktop. I’d often model blender models on lunch and sync them back to my nas. Sometimes I’d make custom things for the company, then 3D print them and bring them in the next day.

      I had waaaasay too much power, though. I could go pick through the company samba server, look at anything, potentially delete everything. They kept backups on dated copies made on external drives and deleted everything four years old.

    • Elektrotechnik@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      edit-2
      1 year ago

      I’m visiting other companies for work every now and then.

      If they are in a fancy new steel-and-concrete office building with open space offices, chances are that cell reception is very bad. I once was in an office where I’m certain they had installed cell blockers on the toilets.

    • jjjalljs@ttrpg.network
      link
      fedilink
      arrow-up
      17
      ·
      1 year ago

      I used to sign in to my personal accounts on my work computer. And then a place laid me off and remotely locked the computer before I could sign out of anything, and I realized I had been stupid.

      Now I just use my phone. But I also work from home so there’s no one to creep on me and report I’m looking at my phone instead of click clacking away.

      • Agent641@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Protip use anydesk to connect to your own computer remltely and do personal stuff from there. Then the only link to be severed is anydesk, which can be protected by password and 2fa

        • cyberpunk007@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Pro tip, use KVM switches and USB mouse movers. Also if your work is hardcore enough to restrict software… Just RDP to your home computer. But I leave no trace of my slack on my work machine.

  • GBU_28@lemm.ee
    link
    fedilink
    English
    arrow-up
    54
    arrow-down
    1
    ·
    1 year ago

    Never attach a personal device to a company network!!!

  • HiddenLayer5@lemmy.ml
    link
    fedilink
    arrow-up
    47
    arrow-down
    8
    ·
    edit-2
    1 year ago

    I imagine the socialist/ML and pro-union content also plays into this (speaking as a socialist/ML and extremely pro-union, mind you). Corporations hate and are terrified of any sort of dissidence that threatens their profits and will absolutely police your activity on it. Weirdly enough Western “freedom of speech” doesn’t seem to extend to this kind of stuff in practice, can’t imagine why.

        • oatscoop@midwest.social
          link
          fedilink
          English
          arrow-up
          16
          ·
          edit-2
          1 year ago

          I do. I also competently complete all the work that’s given to me and then some. I’m being paid to do a job and I do it well. If I’m not engaged in work and caught up I’m going to discretely “fuck around” while still being on hand for anything that needs me.

          That’s what most jobs are: you’re paid to complete specific tasks and be available for when something comes up.

          Oh, I could be doing more work? – I’d love to … for more pay or time off. The expectation of “looking busy” and “busy work” is for jackasses, and I don’t work for free.

    • iN8sWoRLd@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      1 year ago

      The company firewall very likely is using a “content filtering” function which for Sonicwall, for example, is a subscription service where the admin can select any number of “categories” of content to block. I found lemmy.world was being blocked because Sonicwall had that domain categorized as “gaming” which was disallowed. I reported the error to Sonicwall that it should be “social media” but haven’t heard back (it takes a while) but some companies might block that category also. In short, it might not be blocked because of any positive action by your company but instead by accident because whoever first classified the site didn’t understand what it was.

      • HiddenLayer5@lemmy.ml
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        edit-2
        1 year ago

        I’m less worried about what they actively block with an in-your-face “this content is forbidden” screen and more worried about what they might silently flag to my supervisor, tbh. They’re unlikely to block pro-union content, for example, but might silently track who’s going on those kinds of sites.

        • iN8sWoRLd@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          Your personal security concerns are valid but every company is different, and it seems most people don’t work at a firm their whole lives anymore so there is less trust and less loyalty and decency, really. In my case the wifi given to employees for their personal phones is totally segregated from the work LAN so while it is definitely monitored and protected in the same way, its far less of a concern for company security. It is also throttled so watching videos is almost impossible, it blocks a hoard of malicious stuff (which makes using it safer for the user than when they leave), and many of those using it are on cheap limited plans so they might not be able to leave their comms open to their family or check the location of their kids during the workday, or even get updates otherwise. Many use it to stream radio stations or listen to podcasts usually into earbuds. Properly classified porn sites, etc. are blocked. However, I recently heard there will be changes imposed on us from above and all these users may soon be kicked off this wifi entirely. Managers and office workers will certainly be still allowed to use it but the people who really need it? I guess they are SOL.

      • applejacks@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        Yea, and the filters are not that accurate either.

        Tried to login into Telegram at work, and it was blocked for terrorism lmao.

        Gave me a scare, but never got a talking to about it.

        • iN8sWoRLd@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          The only people to know about it would be IT, if we even have an alert for it (we generally don’t) because we don’t care about someone trying to access something is blocked, we know its blocked so its no threat. Things we care about are real security concerns like when your machine suddenly is downloading a bunch of exe files, connecting to a database server in Brazil, scanning the network for open file shares and running powershell scripts to encrypt every file it finds. Most well-set-up places are running endpoint protection now though so the first thing you’ll notice is you will lose your internet. THEN you might get visited, but by then you’ll probably be calling us since nothing works LOL

    • NuPNuA@lemm.ee
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      1 year ago

      Given that I can literally access my unions resources from my employers internet, I doubt that’s an issue.

  • inclementimmigrant@lemmy.world
    link
    fedilink
    arrow-up
    41
    arrow-down
    2
    ·
    edit-2
    1 year ago

    Why in the heck would anyone browse any social media on your company machine?

    That’s the whole reason I left Reddit because it forced me to have to use Reddit on a computer and it’s one of the first things I remind new hires not to use social media on company property, it’s always monitored from keyboard to Internet connection.

    Good lord people…

    • frenchyy94@feddit.de
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      Good thing I live in a country where it’s forbidden (unless everyone approves of it, which if course almost never happens) that they monitor everything.

      Sure internet movement could be looked up but even that needs to be because if a specific reason. They cannot just randomly look up everyone’s browser history.

    • XTornado@lemmy.ml
      link
      fedilink
      arrow-up
      5
      arrow-down
      2
      ·
      edit-2
      1 year ago

      Because it’s fine?

      Yeah some companies might monitor what you do but:

      a) It’s not that common or not that detailed as some people imply it

      b) It’s mostly for detecting malware or breaches, they don’t care about your social stuff.

      c) Most people just check normal stuff in social media nothing to worry even if somebody from works check it

      d) People have downtimes, checking Twitter or similar for a little while it’s not a firing offense…

      e) Most of the time is not checked by anyone except if something flags it. Which again usually is set for malware and breaches not if you spend x time on YouTube or Twitter…

      Yeah…use your phone if you can… But some people are painting this as the end of the world like the untouchable the forbidden fruit.

      • Godric@lemmy.world
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        Coming from IT:

        A: Disagree; it’s logged, analyzed, and stored in the name of efficiency.

        B: Yes, but also no. Stopping malware is the original idea. But why would a business stop there when they can pressure 2% more time out of you by assigning ametric for everything?

        C: Fair

        D: It is if there’s budget cuts/Boss dislikes you. Leaving evidence of you not working on company time can be an anchor around your neck.

        E: Yes, until no. See D.

        I agree using work internet for personal shit isn’t career suicide, but it just opens the door for shit that isnt needed. Frivolous work internet usage is an example of “Free to those who can afford it, very expensive for those who can’t”.

        Just use Data if you can, or shitpost after your shift

  • Arthur Besse@lemmy.ml
    link
    fedilink
    arrow-up
    36
    ·
    1 year ago

    TL;DR: Keep browsing to your local instance at work for now.

    YSK even the local tab on any instance will load many transcluded images from other instances.

    if you’re worried about your employer monitoring for suspicious hostnames, you’re rolling the dice every time you do any personal web browsing (outside of sites that don’t transclude 3rd party images, like wikipedia, and, ironically, facebook…).

  • BoofStroke@lemm.ee
    link
    fedilink
    arrow-up
    36
    ·
    edit-2
    1 year ago

    On phone, use LTE. On computer set up a cheap Linux shell on your vsp of choice. Then use an ssh socks proxy for your browser.

  • Cybermass@lemmy.world
    link
    fedilink
    arrow-up
    33
    ·
    1 year ago

    The other day I was on all and there was fucking porn without any NSFW filter on it on some cumsluts community, no co-workers were around thankfully but it was a good wake up call that all is not a place you wanna be unless you are at home.