Why YSK: It appears several Lemmy Instances are flagged as suspicious and at least 1 instance intentionally using the name of ransomware. A couple of the big enterprise monitoring suites (Fortiguard, ZScaler) will flag your account and may end up with you being pulled into an office for an explanation, or worse.
TL;DR: Keep browsing to your local instance at work for now.
Browsing personal sites, especially social media, on a work computer is insane
Insane? I wouldn’t go so far, everybody has downtimes from time to time, unless you are doing something crazy… It is fine.
So why not using your personal phone instead?
Nah
Just don’t use a work computer for anything but work. Use your personal cell phone and don’t use their wifi.
It constantly surprises me how many people use their work computers as as if it was a personal computer. They’ve got family pictures, shopping, browsing, socials, everything. I’ve tried mentioning before, in a roundabout way, but people really don’t care. And then when they get laid off or quit then they’re shocked as hell once the computer’s remotely locked and wiped and then they make a big stink about how all of their stuff was on there. It’s like what did you expect to happen.
My work phone is specifically partitioned to separate personal and work activities. I can’t even copy and paste text between the two sides, they are so disconnected from each other. This is done specifically so people can use their work phone for personal business without cross-contamination.
I still refuse to use my work phone for anything but work. I only log into my personal accounts long enough to install/update a few apps from the Play Store that aren’t allowed on the work side but are still useful (MS Teams, WhatsApp).
Part of that is not wanting to enter a 12 character password every time I want to do anything simple . But the other part is that I just don’t want to mix my personal and work lives more than I have to.
The reason I used to use my work PC for online purchases/personal finances because the network at my employer was much more secure than my home network. But it was a smaller company back then, now that we’re “corporate” (partnered a larger entity) I don’t.
Porn, so much porn
I use my own Internet for my phone. No point messing with work Internet unless necessary.
Right? I dont want the nerds at IT to find out where I get all my free porn.
We have a guy who isn’t in IT who goes through Peoples’ email and shit here, so I’m definitely steering clear of their internet traffic here.
That’s insane and should not be possible
Employer email, employer network, etc.
Possible and legal, just a fuckin’ scumbag thing to do. Real creepy when he jumps in on an email to reply to something you sent to someone else.
No, if he’s not in IT it should not be possible - I don’t know what email system you’re using but this person should not have the access you’re saying they do.
I’m not saying it shouldn’t be technically possible (I’m a sysadmin, I know what’s possible in a corporate environment), I’m saying your organization should not make it possible.
If he’s in some leadership position I’d be looking for other employment and/or reporting that person to your corporate compliance officer if you have one.
Yeah, well. He’s in admin, and I don’t feel like searching for a new tenured position. I’ll just skirt shit until he’s gone. And by then, keep skirting shit anyway.
Exactly. Use the work equipment for work purposes and there is no issue.
This is the way. My work tends to block a lot of websites that aren’t relevant to the job anyway.
Why do people use work computers anymore when cellphones exist?
I don’t even connect to my work’s wifi
See I’d connect, but it would be on a VPN the whole time.
I’m not personally surfing Lemmy on my work computer, but larger screen + physical keyboard and mouse.
I’m visiting other companies for work every now and then.
If they are in a fancy new steel-and-concrete office building with open space offices, chances are that cell reception is very bad. I once was in an office where I’m certain they had installed cell blockers on the toilets.
They might work in a place that doesn’t allow personal electronic devices (government, military, high-security site, etc.).
deleted by creator
Pro tip: Don’t do not-work stuff on work owned hardware.
Or while connected to work networks
I imagine the socialist/ML and pro-union content also plays into this (speaking as a socialist/ML and extremely pro-union, mind you). Corporations hate and are terrified of any sort of dissidence that threatens their profits and will absolutely police your activity on it. Weirdly enough Western “freedom of speech” doesn’t seem to extend to this kind of stuff in practice, can’t imagine why.
More likely op being a dumbass and using work resources to fuck around on the clock.
Plenty of people feel fully entitled and justified to fuck around on the clock. Some of them are in this comment thread.
I do. I also competently complete all the work that’s given to me and then some. I’m being paid to do a job and I do it well. If I’m not engaged in work and caught up I’m going to discretely “fuck around” while still being on hand for anything that needs me.
That’s what most jobs are: you’re paid to complete specific tasks and be available for when something comes up.
Oh, I could be doing more work? – I’d love to … for more pay or time off. The expectation of “looking busy” and “busy work” is for jackasses, and I don’t work for free.
deleted by creator
deleted by creator
The company firewall very likely is using a “content filtering” function which for Sonicwall, for example, is a subscription service where the admin can select any number of “categories” of content to block. I found lemmy.world was being blocked because Sonicwall had that domain categorized as “gaming” which was disallowed. I reported the error to Sonicwall that it should be “social media” but haven’t heard back (it takes a while) but some companies might block that category also. In short, it might not be blocked because of any positive action by your company but instead by accident because whoever first classified the site didn’t understand what it was.
I’m less worried about what they actively block with an in-your-face “this content is forbidden” screen and more worried about what they might silently flag to my supervisor, tbh. They’re unlikely to block pro-union content, for example, but might silently track who’s going on those kinds of sites.
Your personal security concerns are valid but every company is different, and it seems most people don’t work at a firm their whole lives anymore so there is less trust and less loyalty and decency, really. In my case the wifi given to employees for their personal phones is totally segregated from the work LAN so while it is definitely monitored and protected in the same way, its far less of a concern for company security. It is also throttled so watching videos is almost impossible, it blocks a hoard of malicious stuff (which makes using it safer for the user than when they leave), and many of those using it are on cheap limited plans so they might not be able to leave their comms open to their family or check the location of their kids during the workday, or even get updates otherwise. Many use it to stream radio stations or listen to podcasts usually into earbuds. Properly classified porn sites, etc. are blocked. However, I recently heard there will be changes imposed on us from above and all these users may soon be kicked off this wifi entirely. Managers and office workers will certainly be still allowed to use it but the people who really need it? I guess they are SOL.
Yea, and the filters are not that accurate either.
Tried to login into Telegram at work, and it was blocked for terrorism lmao.
Gave me a scare, but never got a talking to about it.
The only people to know about it would be IT, if we even have an alert for it (we generally don’t) because we don’t care about someone trying to access something is blocked, we know its blocked so its no threat. Things we care about are real security concerns like when your machine suddenly is downloading a bunch of exe files, connecting to a database server in Brazil, scanning the network for open file shares and running powershell scripts to encrypt every file it finds. Most well-set-up places are running endpoint protection now though so the first thing you’ll notice is you will lose your internet. THEN you might get visited, but by then you’ll probably be calling us since nothing works LOL
The other day I was on all and there was fucking porn without any NSFW filter on it on some cumsluts community, no co-workers were around thankfully but it was a good wake up call that all is not a place you wanna be unless you are at home.
TL;DR: Keep browsing to your local instance at work for now.
YSK even the local tab on any instance will load many transcluded images from other instances.
if you’re worried about your employer monitoring for suspicious hostnames, you’re rolling the dice every time you do any personal web browsing (outside of sites that don’t transclude 3rd party images, like wikipedia, and, ironically, facebook…).
I’m against transclusion. Unless that clusion is inclusion, then I’m for it.
Why in the heck would anyone browse any social media on your company machine?
That’s the whole reason I left Reddit because it forced me to have to use Reddit on a computer and it’s one of the first things I remind new hires not to use social media on company property, it’s always monitored from keyboard to Internet connection.
Good lord people…
I used to do social media marketing for a company. I used a company computer for that ¯\(ツ)/¯
Good thing I live in a country where it’s forbidden (unless everyone approves of it, which if course almost never happens) that they monitor everything.
Sure internet movement could be looked up but even that needs to be because if a specific reason. They cannot just randomly look up everyone’s browser history.
Because it’s fine?
Yeah some companies might monitor what you do but:
a) It’s not that common or not that detailed as some people imply it
b) It’s mostly for detecting malware or breaches, they don’t care about your social stuff.
c) Most people just check normal stuff in social media nothing to worry even if somebody from works check it
d) People have downtimes, checking Twitter or similar for a little while it’s not a firing offense…
e) Most of the time is not checked by anyone except if something flags it. Which again usually is set for malware and breaches not if you spend x time on YouTube or Twitter…
Yeah…use your phone if you can… But some people are painting this as the end of the world like the untouchable the forbidden fruit.
Coming from IT:
A: Disagree; it’s logged, analyzed, and stored in the name of efficiency.
B: Yes, but also no. Stopping malware is the original idea. But why would a business stop there when they can pressure 2% more time out of you by assigning ametric for everything?
C: Fair
D: It is if there’s budget cuts/Boss dislikes you. Leaving evidence of you not working on company time can be an anchor around your neck.
E: Yes, until no. See D.
I agree using work internet for personal shit isn’t career suicide, but it just opens the door for shit that isnt needed. Frivolous work internet usage is an example of “Free to those who can afford it, very expensive for those who can’t”.
Just use Data if you can, or shitpost after your shift
While VPNs aren’t perfect, vpn and DNS over HTTPS will help you avoid this.
Be careful though, as many companies also flag VPN usage as suspicious by default.
If you’re just looking to hide from your employer, you might want to consider self-hosting a VPN/HTTPS proxy server, or, for more technical users, self-host a VPN/proxy server that forwards the incoming traffic through a commercial VPN. If you use a commercial cloud hosting platform, all they can really see in that case is that you’re accessing, say, a Digitalocean server, which can also be for any number of benigin websites. Make sure you have your VPN client set to connect over port 443 (the normal HTTPS port) and not the official OpenVPN or Wireguard port, as well as use the networking interlock (internet killswitch) feature that disables internet access without the VPN connection active.
Still not perfect obviously, but I imagine better than using a well-known commercial VPN directly. Or, you can always just use cellular data/hotspot for personal browsing and completely prevent your employer from seeing it.
Better idea… you could work. Or use a VPN on your phone.
deleted by creator
The Tony Danza you seek is in another castle…
Working is stupid
Tell me how else I’m supposed to afford food and a place to live!
Just make sure your parents are billionaires.
Plot twist: it’s 2009 and you’re in zimbabwe
deleted by creator
Doesn’t stop the network from seeing what you’re doing
…y’all can’t seem to break your reddit habits for shit 😂😂😂😂
You guys aren’t using DoT (DNS-over-TLS) or DoH (DNS-over-HTTPS) ??
There’s a good chance that SSL inspection is being used if it’s picking up the names of instances.
I use DoH. What’s DoT? What are the differences?
DoT uses the TLS protocol as far as I know while DoH uses the general HTTPS (443) protocol. But both of them are encrypted so you shouldn’t worry about security with any of them. Just use the one that is supported with your device/app
I’m glad my work doesn’t care what I do online as long as I get my shit done. It’s not the highest paying job in the world, but perks like that keep me there.
Not caring what you do on your pc, within reason, is not the same as not monitoring for dangerous actions that could endanger your network or company (and client data). I don’t care what my colleagues do on their pc either. As long as it doesn’t cause me more work.
Logging security incidents is work. So we do block a lot of websites and keep an eye on what you try to run. If we see something wrong we just talk to you and explain why we don’t want you to do that. 99,9% of the time everybody is happy after that.
The idea of this being something you can get fired for or that’s taken into consideration for your evaluation is insane though. We have rights as workers. Keeping the network safe means I can see some extent of what you do. Your boss or their boss has no right to that information unless you state you will continue endangering the network. Even in that case I wouldn’t even tell them the websites tbh.
I find it crazy that you can get in trouble for browsing the wrong websites. It’s illegal where I live to track people’s computers.
If you’re using company hardware on a company network and our security software says you’re visiting ransomware like URLs, it’s very much legal monitoring as it’s for a technical reason. It’s probably mandatory since you need to do this to protect the personal data your company stores.
More often than not you probably signed a document stating you understood and accepted this.
In the US there is no reasonable expectation of privacy on company computers and company networks and to reinforce this usually on day 1 of a job you sign documents explicitly stating they can and will monitor traffic on company systems.
Without monitoring traffic on all company systems there would be no way to know if your company was subjected to a breach. There is mandatory reporting for public companies and part of the reporting includes the capability to monitor for said breaches.
To that end I have to wonder where you are that information security is basically prohibited by law.
