|
Powered Descent posted:Assuming most of these VPN users are working from home, what's stopping them from just... using their own personal computer (or tablet, phone, or whatever they prefer) for non-work stuff? You know, the one they use when they aren't working. Why ask for exceptions in the company filters so as to do their Facebook fuckery on their work laptop specifically? They're at home, they can set things up on their desk however they like, and the boss isn't going to sneak up behind them and catch them looking at the wrong screen. Absolutely nothing, but... LethalGeek posted:People are incredibly lazy and privileged This. Rooted Vegetable posted:I'm going to turn this question round to answer it: Thread of IT people, does anyone actually give a poo poo to use any of the listed items to actually try to intercept anyone's banking? No, lol, hell of an ethical failure and a good way to lose a job. orange juche posted:That would be an ethics violation to be sure. However, most corporate login splash screens display a warning that things done on the computer will be audited, and monitoring of network traffic will occur. Usually this includes deep packet inspection, which could certainly scoop someone's banking information. Still a very very bad idea and nobody here who wants to keep a job would ever admit to intentionally seeking such information. Yeah, the splash screen warning at logon exists to cover the rear end of the org if someone whines about their personal data showing up in a logfile used to prove that they did Bad Things With Computers while at work, using org-owned equipment. The only time someone's actually going to go digging around in user network logs is if it actually needs to be done.
|
# ? Nov 3, 2020 08:17 |
|
|
# ? Apr 26, 2024 21:13 |
|
What's the best way to make sure I stay active on teams? I use a kvm to shitpost. Since work computer is a laptop, I occasionally reach over and boop the touchpad, but I'm lazy.
|
# ? Nov 3, 2020 08:24 |
|
usb mouse jiggler connected to the laptop, though it might report/detect device characteristics depending on your device management solution? alternatively, a normal usb mouse but with something weird/moving under it? i have a wireless mouse on top of my portable AC and it shakes just enough to never sleep
|
# ? Nov 3, 2020 08:28 |
|
KVM and not letting a computer idle is partly why my personal poo poo showed up at work. I also worked around this by using an overpriced gaming headset with programble buttons to simplify hit Space when I'd remember to. Mainly between 🏈 plays when I ran into the TV room to watch such. Besides a jiggler idk what else would work honestly. Not without some human input.
|
# ? Nov 3, 2020 08:53 |
|
An Autohotkey/AutoIT script that just runs on a loop to click an empty spot in the Teams window every minute does the trick just fine. Together with a Launchy shortcut, it's a couple keystrokes to keep me active whenever I know I'm going turn away from the work machine for any length of time
|
# ? Nov 3, 2020 09:00 |
|
I remember a coworker using this to keep his computer from going to the screen saver and locking: https://www.zhornsoftware.co.uk/caffeine/
|
# ? Nov 3, 2020 11:30 |
|
Hargrimm posted:An Autohotkey/AutoIT script that just runs on a loop to click an empty spot in the Teams window every minute does the trick just fine. Together with a Launchy shortcut, it's a couple keystrokes to keep me active whenever I know I'm going turn away from the work machine for any length of time
|
# ? Nov 3, 2020 11:58 |
|
Hmm Seems like a lot of work to hide what I'm doing to a group of people who are doing the same exact thing.
|
# ? Nov 3, 2020 12:49 |
|
There's a small portable app called MouseJiggler that imperceptibly shifts the mouse pointer a few pixels and back every x seconds. I've used it for years because I don't like enforced screensaver timeouts. https://archive.codeplex.com/?p=mousejiggler
|
# ? Nov 3, 2020 13:03 |
|
There's always the classic. https://i.imgur.com/ehK5LII.gifv
|
# ? Nov 3, 2020 13:36 |
|
I have resigned myself to shitposting in four minute chunks.
|
# ? Nov 3, 2020 14:39 |
|
Rooted Vegetable posted:I'm going to turn this question round to answer it: Thread of IT people, does anyone actually give a poo poo to use any of the listed items to actually try to intercept anyone's banking? Logs are data that could be exposed in a breach. So if you're doing all your banking through a Palo Alto (and others), which MITMs your SSL sessions with an internal cert, and with audit logging, etc, a lot of your information will be sitting in a splunk indexer, potentially somewhere out in AWS.
|
# ? Nov 3, 2020 15:43 |
|
dragonshardz posted:Split tunnel ist verboten. State/department policy. What kind of nutjob place do you work at? I deal with state governments all the time for police networks and even they let us enable split tunneling in certain areas. Your department policy sounds dumb.
|
# ? Nov 3, 2020 15:44 |
|
Renegret posted:What's the best way to make sure I stay active on teams? Powershell script that presses F15 once a minute. https://gist.github.com/jcefoli/66dd9e0cdf865a43175d0d48d272b25a
|
# ? Nov 3, 2020 15:57 |
|
AlexDeGruven posted:Logs are data that could be exposed in a breach. So if you're doing all your banking through a Palo Alto (and others), which MITMs your SSL sessions with an internal cert, and with audit logging, etc, a lot of your information will be sitting in a splunk indexer, potentially somewhere out in AWS. Yeah it's pretty much this, nobody in your corp IT is likely to try to steal your data, we like to keep our jobs after all. However, when a hacker does hack your corporate network and exposes data from your network, your personal information will be exposed if you were logging in to your bank etc on the corp network. You don't want that. Don't make yourself a bigger target basically.
|
# ? Nov 3, 2020 16:27 |
|
USB Forensic Mouse Jiggler: https://www.amazon.com/dp/B00MTZY7Y4/ref=cm_sw_r_cp_awdb_imm_t1_RBxOFb9Y0GP9D?psc=1
|
# ? Nov 3, 2020 16:28 |
|
orange juche posted:Yeah it's pretty much this, nobody in your corp IT is likely to try to steal your data, we like to keep our jobs after all. However, when a hacker does hack your corporate network and exposes data from your network, your personal information will be exposed if you were logging in to your bank etc on the corp network. You don't want that. Don't make yourself a bigger target basically. I'm blanking at remembering it off the top of my head, but I'm pretty sure one of the big malware strains, emotet maybe?, has an option to harvest login credentials for banks, webmail etc before detonating any other payloads.
|
# ? Nov 3, 2020 16:36 |
|
orange juche posted:Yeah it's pretty much this, nobody in your corp IT is likely to try to steal your data, we like to keep our jobs after all. However, when a hacker does hack your corporate network and exposes data from your network, your personal information will be exposed if you were logging in to your bank etc on the corp network. You don't want that. Don't make yourself a bigger target basically.
|
# ? Nov 3, 2020 16:51 |
|
I have an autohotkey script that every 4.5 minutes moves the mouse one pixel left and then back one pixel right.
|
# ? Nov 3, 2020 18:04 |
|
I like the one tHat presses shift every 59 secoNds.
|
# ? Nov 3, 2020 18:21 |
|
Arquinsiel posted:In practice people see how much data is generated by this and go "how many gigabytes? Eight hours of visibility is enough, right?" and then you can't figure out what happened at 7PM last night when you get in at 9AM. I genuinely would not give a gently caress about it, because if anything happens there are multiple other layers of defence and ways to remediate compromise for my personal stuff. "We need to do command-line auditing of the entire environment!" *Turns on audit logging for 25,000+ server instances and 30,000+ desktops and laptops shipping everything to Splunk* Splunk: hey, so, about your licensing...
|
# ? Nov 3, 2020 18:25 |
|
AlexDeGruven posted:"We need to do command-line auditing of the entire environment!"
|
# ? Nov 3, 2020 18:27 |
|
Some companies just don't care about the money if they get the results the want/need, and that can including hoovering everything that comes near. I'm aware of one colo DC that hoovers data off their guest network, so even your own devices can be iffy
|
# ? Nov 3, 2020 18:36 |
|
RFC2324 posted:Some companies just don't care about the money if they get the results the want/need, and that can including hoovering everything that comes near. Yeah, nobody actually gives a gently caress about the data, just that it's getting collected.
|
# ? Nov 3, 2020 18:56 |
|
RFC2324 posted:I like the one tHat presses shift every 59 secoNds. RFC2324 posted:I'm aware of one colo DC that hoovers data off their guest network, so even your own devices can be iffy Lol just lol if you don't jump on a VPN any time you use someone else's wifi
|
# ? Nov 3, 2020 19:43 |
|
BaseballPCHiker posted:What kind of nutjob place do you work at? I deal with state governments all the time for police networks and even they let us enable split tunneling in certain areas. Your department policy sounds dumb. A state department that only this year implemented a VPN, even though there have been computers spread out across the whole state for decades. Yeah.
|
# ? Nov 3, 2020 19:46 |
|
RFC2324 posted:I like the one tHat presses shift every 59 secoNds. Do you have a disability that prevents you from typing faster than 4 WPM?
|
# ? Nov 3, 2020 19:50 |
|
The Fool posted:Do you have a disability that prevents you from typing faster than 4 WPM? Have you seen GreenNight fucked around with this message at 22:39 on Nov 3, 2020 |
# ? Nov 3, 2020 20:10 |
|
Weatherman posted:
|
# ? Nov 3, 2020 20:42 |
|
Arquinsiel posted:Very different kind of "guest network"... You mean you don't trust the open wifi AP labelled "FBI Surveillance Van"?
|
# ? Nov 3, 2020 21:28 |
|
My 5GHz network is "theCIAdid5G" so
|
# ? Nov 3, 2020 21:33 |
|
mine's "5G COVID TRANSMITTER"
|
# ? Nov 3, 2020 21:43 |
|
GreenNight posted:Have you seen his posts? Oof. Also, her
|
# ? Nov 3, 2020 22:38 |
|
Canuck-Errant posted:My 5GHz network is "theCIAdid5G" so Flowers By Irene is mine; think I got that from someone in one of these threads.
|
# ? Nov 3, 2020 23:09 |
|
I just use 'xfinitywifi' so I can scrape all the connection requests
|
# ? Nov 3, 2020 23:27 |
|
MF_James posted:Flowers By Irene is mine; think I got that from someone in one of these threads.
|
# ? Nov 3, 2020 23:33 |
|
This is exactly why my phone's hotspot is this. Gets a laugh when I am on client site and someone notices the rogue AP. If they notice it.
|
# ? Nov 4, 2020 00:25 |
|
RFC2324 posted:I like the one tHat presses shift every 59 secoNds.
|
# ? Nov 4, 2020 05:38 |
|
Make one that presses altgr randomly. Live dangerously.
|
# ? Nov 4, 2020 10:21 |
|
|
# ? Apr 26, 2024 21:13 |
|
Arquinsiel posted:Make one that presses altgr randomly. FTFY
|
# ? Nov 4, 2020 10:43 |