• N4CHEM@lemmy.ml
      link
      fedilink
      arrow-up
      19
      ·
      1 year ago

      No, no, no. Private browsing isn’t private like that. Your ISP and network adminstrator (in this case your employer) can still see every website you access. This is usually explained on the “New private tab” on browsers.

    • w2tpmf@lemmy.world
      link
      fedilink
      arrow-up
      11
      ·
      1 year ago

      We record network traffic, not data from your browser. We can see every URL any device on the network hits, regardless if the traffic comes from a browser or even a phone app.

      • floofloof@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        In addition, some companies install software on each employee’s machine that enhances what they can monitor on that machine. It may not be labeled “corporate spyware” but something like “endpoint security”, yet it may have the capacity to track pretty much everything you do.

        • w2tpmf@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Products such as Cisco Umbrella cover both. There’s a DNS appliance inside the network, as well as a client software that installs on devices that forces them to use Umbrella’s public DNS server when being used on another network.

          This means we can track everything on the company owner device, even when you are at Starbucks or at home.

          Never expect privacy on any device and/or network you don’t have ownership and control over.

      • TheProtagonist@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        How is this with mobile devices from your employer. I have a company iPhone and understand that there is a certain “space” on the phone which is controlled by the company, mostly all the Microsoft 365 apps (so, for example it is not possible to copy/paste stuff between MS and non-MS apps).

        However, for the rest I would assume that all the other traffic does not go through company servers (probably no traffic at all, as I usually have a local IP), and that they can’t see what I am doing in my other apps. Otherwise they could spy on all my transactions I do in my banking apps for example. But AFAIK iOS apps are pretty much sandboxed anyway.

        This might be different on my company PC / Laptop, though.

        • tryitout@infosec.pub
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Most companies deploy management software on their mobile devices. They have the ability to monitor activity and do things like remote wipe the device if you’re fired. On iPhone go to settings->general->vpn and device management to see if anything’s there.

          • TheProtagonist@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Thanks for pointing me to this setting. There are two profiles, one is my personal VPN, which I use for device-wide ad-blocking (AdGuard Pro), another one is the MDM management profile. The latter one consists of a list of managed Microsoft apps (e.g. Outlook, OneDrive, Teams, etc.) and various (device) certificates. I guess nothing to be concerned about.

        • w2tpmf@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          The security on your device doesn’t matter at all.

          For ANY device to reach ANYTHING on the Internet it has to send a lookup request to a DNS server to get the IP of the server.

          A privately controlled network can easily force all of those requests through their own private DNS server which captures all activity.

        • strepto@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          If your company also pays for your phone’s data bill, we can see a general overview of what sites you visit.

          • TheProtagonist@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            That could be possible, I don’t know. I am not visiting any adult or otherwise inappropriate sites on that phone, but I do a lot of Reddit, Lemmy, Mastodon stuff in my free time. But it was this way for the past 10 years and I never had any problems. Sometimes I think about buying i private phone, but it seems kinda stupid to have two of these devices.

          • TheProtagonist@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            That could be possible, I don’t know. I am not visiting any adult or otherwise inappropriate sites on that phone, but I do a lot of Reddit, Lemmy, Mastodon stuff in my free time. But it was this way for the past 10 years and I never had any problems. Sometimes I think about buying i private phone, but it seems kinda stupid to have two of these devices.

      • Samsy@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        How about DoH? Firefox supports it, and not every IT admin has blocked the ability to use it. (mozilla.cfg)

        • w2tpmf@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          That only provides a secure connection to the DNS server. The DNS server can still log your activity.

          When on a private network, all DNS traffic can be forced to use a inhouse DNS server that records everything.

    • Fisch@lemmy.ml
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      They can see what IPs you connect to, doesn’t matter what browser you use or if the connection is made from a browser at all

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      1 year ago

      Anything on a work computer, or on a work network, you have to assume is recorded by the office

    • BitSound@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      You can use Tor and your IT won’t be able to see what you’re browsing. They will be able to see that you’re using Tor, and might get grumpy about that, though.

    • t0fr@lemmy.caOP
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      I mean it’s not blocked, but if you’re connected to their network, they can still see your traffic if they wanted to.

      • Pantherina@feddit.de
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Yes of course. But OP is asking about Browsing history, which is basically the only think private browsing can do

    • perviouslyiner@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      “Tor browser bundle” is the version of Firefox that doesn’t reveal browsing data to the local network.

      • The Doctor@beehaw.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        The use of Tor does show up on the network. The protocol is known and understood, and has been in the detection sets of pretty much every layer 7 filtering product for the last ten or eleven years. What, exactly, is being accessed is largely concealed (but traffic patterns give away a reasonably broad picture of what’s happening).

    • The Doctor@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Private browsing is a fig leaf at best.

      Portable Firefox is hit or miss, depending upon the work environment. It’ll definitely show up in file system monitoring, might show up in the logs of the border proxy as an unexpected user agent. The initial download will definitely show up. Removable media might or might not, depending on how group policy is set up.