Why YSK: It appears several Lemmy Instances are flagged as suspicious and at least 1 instance intentionally using the name of ransomware. A couple of the big enterprise monitoring suites (Fortiguard, ZScaler) will flag your account and may end up with you being pulled into an office for an explanation, or worse.
TL;DR: Keep browsing to your local instance at work for now.
That’s why you use the guest WIFI
No! If you’re doing personal stuff use your cell phone data. Do not use work Wi-Fi, do not use the work network, use your cell phones personal cell phone data plan. Do not transit personal stuff over the corporate network. It will be logged it will be monitored and there may be questions.
At the very least have your phone use a VPN if you’re going to use the Wi-Fi.
Better idea… you could work. Or use a VPN on your phone.
By all means, please do. IT departments can look for this type of traffic and report it to HR, which saves the company money.
I find it funny that people seem to think that browsing reddit at work is ok, as long as it’s not porn. I don’t think employers see it that way.
Or just use LTE and not Company WiFi which is obviously monitored. Like how dumb is OP lol
Well, you should be using a VPN for privacy anyway, so that wouldn’t be a problem.
Unless you’re handing your phone over and letting them root it, they almost certainly are not MITMing your traffic. At best, they can see you’re using a VPN. If they are able to snoop your traffic, either your VPN is absolutely shit, or you changed some setting you shouldn’t have and fucked yourself.
So if you were, say, using a VPN on your personal phone at work on their internet, would you also get in trouble?
Why would you join your phone to the company wifi? Mobile data is cheap (at least where I am). I’ve never joined my personal phone to an employer’s wifi. At least not in the last five or so years.
Its worth noting, you cant actually MITM most traffic without device acess. To MITM my lemmy traffic, you would need either a copy of the certificate and private key of for example lemmy.world, which they would never willingly provide, or you would need to get a valid certificate from a CA for lemmy.world, which you could never get without verifying ownership of the domain.
If you are using a company owned device to browse Lemmy, then 100% they can very easily install a custom Root CA and make their own certificates, and you should assume all your traffic is monitored. But if they allow BYOB or for your phone to be on the network, then they would be unable to see that traffic without you being able to tell, because you would get certificate errors.
But if they allow you to install a VPN, then just use TOR with a TOR bridge and you wouldnt have issues, because they cant tell its VPN / TOR traffic akaik
I find it crazy that you can get in trouble for browsing the wrong websites. It’s illegal where I live to track people’s computers.
In the US there is no reasonable expectation of privacy on company computers and company networks and to reinforce this usually on day 1 of a job you sign documents explicitly stating they can and will monitor traffic on company systems.
Without monitoring traffic on all company systems there would be no way to know if your company was subjected to a breach. There is mandatory reporting for public companies and part of the reporting includes the capability to monitor for said breaches.
To that end I have to wonder where you are that information security is basically prohibited by law.
If you’re using company hardware on a company network and our security software says you’re visiting ransomware like URLs, it’s very much legal monitoring as it’s for a technical reason. It’s probably mandatory since you need to do this to protect the personal data your company stores.
More often than not you probably signed a document stating you understood and accepted this.
I imagine the socialist/ML and pro-union content also plays into this (speaking as a socialist/ML and extremely pro-union, mind you). Corporations hate and are terrified of any sort of dissidence that threatens their profits and will absolutely police your activity on it. Weirdly enough Western “freedom of speech” doesn’t seem to extend to this kind of stuff in practice, can’t imagine why.
More likely op being a dumbass and using work resources to fuck around on the clock.
I do. I also competently complete all the work that’s given to me and then some. I’m being paid to do a job and I do it well. If I’m not engaged in work and caught up I’m going to discretely “fuck around” while still being on hand for anything that needs me.
That’s what most jobs are: you’re paid to complete specific tasks and be available for when something comes up.
Oh, I could be doing more work? – I’d love to … for more pay or time off. The expectation of “looking busy” and “busy work” is for jackasses, and I don’t work for free.
Given that I can literally access my unions resources from my employers internet, I doubt that’s an issue.
Could it be that in your country your employer is required by law, or there exists an union contract that specifies your right to access this information?
The company firewall very likely is using a “content filtering” function which for Sonicwall, for example, is a subscription service where the admin can select any number of “categories” of content to block. I found lemmy.world was being blocked because Sonicwall had that domain categorized as “gaming” which was disallowed. I reported the error to Sonicwall that it should be “social media” but haven’t heard back (it takes a while) but some companies might block that category also. In short, it might not be blocked because of any positive action by your company but instead by accident because whoever first classified the site didn’t understand what it was.
I’m less worried about what they actively block with an in-your-face “this content is forbidden” screen and more worried about what they might silently flag to my supervisor, tbh. They’re unlikely to block pro-union content, for example, but might silently track who’s going on those kinds of sites.
Your personal security concerns are valid but every company is different, and it seems most people don’t work at a firm their whole lives anymore so there is less trust and less loyalty and decency, really. In my case the wifi given to employees for their personal phones is totally segregated from the work LAN so while it is definitely monitored and protected in the same way, its far less of a concern for company security. It is also throttled so watching videos is almost impossible, it blocks a hoard of malicious stuff (which makes using it safer for the user than when they leave), and many of those using it are on cheap limited plans so they might not be able to leave their comms open to their family or check the location of their kids during the workday, or even get updates otherwise. Many use it to stream radio stations or listen to podcasts usually into earbuds. Properly classified porn sites, etc. are blocked. However, I recently heard there will be changes imposed on us from above and all these users may soon be kicked off this wifi entirely. Managers and office workers will certainly be still allowed to use it but the people who really need it? I guess they are SOL.
Yea, and the filters are not that accurate either.
Tried to login into Telegram at work, and it was blocked for terrorism lmao.
Gave me a scare, but never got a talking to about it.
The only people to know about it would be IT, if we even have an alert for it (we generally don’t) because we don’t care about someone trying to access something is blocked, we know its blocked so its no threat. Things we care about are real security concerns like when your machine suddenly is downloading a bunch of exe files, connecting to a database server in Brazil, scanning the network for open file shares and running powershell scripts to encrypt every file it finds. Most well-set-up places are running endpoint protection now though so the first thing you’ll notice is you will lose your internet. THEN you might get visited, but by then you’ll probably be calling us since nothing works LOL
