Privacy

31279 readers

595 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

481

Not that you guys need the reminder, but your work sees all your browser history and you may not even be able to delete it if you wanted to (lemmy.ca)

submitted 1 year ago by t0fr@lemmy.ca to c/privacy@lemmy.ml

207 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] henfredemars@infosec.pub 10 points 1 year ago* (last edited 1 year ago) (2 children)

My work runs MITM with corporate certificates, so they can see everything no matter whether it's encrypted or not. If you don't accept the certificates to let them monitor, you can't browse.

Therefore, I just don't use it.

[–] Pixel@lemmy.sdf.org 3 points 1 year ago (1 children)

Is that for the VPN, or actually all wifi connections? Not sure how it would be possible for wifi

[–] Darkassassin07@lemmy.ca 7 points 1 year ago* (last edited 1 year ago) (1 children)

Corporate networks (especially those utilizing MITM) block vpn access altogether.

You can't reach your vpn server, falling back to plain un-tunneled https. Then instead of dns retuning the true ip, it returns a local corporate ip; you connect to that with https and it serves you a cert generated on the fly for that particular domain signed by a root cert your browser already trusts. Your browser sees nothing wrong and transmits via that compromised connection.

You can usually check for this by connecting via mobile data, taking a screenshot of the cert details, then doing the same on work wifi and compare.

If the cert details change on wifi, your traffic is being intercepted, decrypted, read/logged, then re-encrypted and passed to the server you're trying to reach.

[–] Pixel@lemmy.sdf.org 0 points 1 year ago (1 children)

I was talking about work VPN, the thing I connect to every morning to access work's internal services.

I don't see how a 3rd party device connecting to wifi can have https MITM. Otherwise many wifi out there would do it and steal your info.

[–] Aux@lemmy.world 1 points 1 year ago (1 children)

WTF?

[–] sudo@lemmy.today 4 points 1 year ago

Depending on the nature of the work and security protocols it isn't the WTF. When you're working, on your work device, on the work network, there is zero assumption of privacy (and there really shouldn't be). The company wants to maintain it's security and so it is ensuring it is aware of things happening on its network.

It's not necessary for everyone everywhere but it has valid use case that isn't some mega shady weird thing.