How to check if my boss is spying on me?

Status
Not open for further replies.
Mr India

Mr India

Forerunner
I have just joined a new job and have got a laptop and tata docomo dongle with 5gb unlimited plan. usb connection is disallowed and office wifi also has many sites blocked. however on the dongle all sites open. can the company know through tata docomo panel or something what all sites etc. i visit ? also how to check other spy stuff if is installed on windows 7 ? usb drive is disable and i neither can install anything so cant check with a antivirus. its just that i wanna freely use laptop at home wifi but dont want issues. also is there any way to dump all my old pc data into it ? i wanna format my old pc and keep its data on this one till then.
 
Your laptop is provided for office use. I don't recommend doing anything else with it.
Whatever you surf is being recorded by some software in the background and it will probably be broadcast to the network team the moment you attach the laptop to your office network.
 
Don't use office laptop for personal use! They can take a disciplinary action against you. Since you've just joined, just don't do anything that puts your job at risk.

You can use the dongle on your personal laptop, no worries. But, remember the company has full authority to approach Docomo to ask for logs. After all it's company dongle.

At my work place, they have liaised with the ISP to provide filtering/webscanning for the dongles they have given us.
 
As pointed out in the earlier convesations, when surfing on the Corporate network it would be getting logged somewhere or the other, regarding copying data, you can connect both the machines to the same WIFI network and copy files using the SMB protocol i.e. \\
 
im not gonna use dongle or company wifi for personal stuff. just wanna know if when i take laptop home and use it to surf on home wifi is it still logged ? how to check that thing mainly.
 
Mr India said:
im not gonna use dongle or company wifi for personal stuff. just wanna know if when i take laptop home and use it to surf on home wifi is it still logged ? how to check that thing mainly.
Click to expand...
This is why people opt to have their personal laptops even if the company provides them with a laptop as company laptops are strictly for company use
 
Firstly, if it is a company provided laptop, then it is meant to be used for company work ideally. Mails and Social stuff is usually OK, but not Music, Movies and etc...

Coming to tracking via Tata Photon dongle - the answer is no. They cannot track you with that. However, if you are misusing the dongle, they will come to know, since the bill shows the time used and data transferred, even session wise. If they notice huge data transfers in the middle of the night or on a recurring basis - they will try to find out what you are doing with the dongle.

Tracking software - this depends on two things - is the software running as a hidden service and if you have admin rights. If yes to the second, you can find out if any software is runnning, but if you do not have admin access (and ideally you wont) then you may not be able to detect any tracking software.

All aside, no boss will have time to spy on another persons work, unless he is a a**hole or has too much free time on his hands.

Just do your job, dont waste time on worrying and get a personal laptop with internet for your personal work.
 
  • Like
Reactions: divyesh2129 and tommy_vercetti
I also forgot to mention VPNs and other software, such as DirectAccess, as well as software used for DLP (Data Leak Prevention)

VPNs, if you have to always dial-up a VPN, even to connect to the internet - not counting emails and intranet, then there is a high chance you are being watched using automated mechanisms. I have seen this with a big MNC. They have set a GPO for the proxy, so without the VPN, no Internet. [You can bypass this in chrome using the --no-proxy-server flag]

DirectAccess is a form of transparent VPN with RDP. If you have this, there is a chance you are being watched as well.

Data Leak Prevention software - these look at two things - emails and HTTP/S. Whatever you are doing, goes thru them. HTTPS interception is something I dont like, but sadly, it has many takers. Another form of DLP is ADRMS+FSRM on Windows 2012, for documents on the server.

I may have gone overboard, but these are what I do [networks/security] and should know about.
 
  • Like
Reactions: drkrack, divyesh2129, tommy_vercetti and 2 others
If its a work laptop then just assume they know. Even if you think its not likely/the odds are low/whatever. Just assume that they know anyway. Its not a personal laptop and its not a personal internet connection.

Here is a question you should ask yourself. Do you really wanna have a conversation with your boss about pornhub.com?
 
For office machines stick to these sites: Banking, education, ticket booking (cleartrip, irctc types), e-papers. Period. It may or may not be getting logged, but they can run deep sniffing and open up archived logs. It takes just a bad day coupled with some ill luck for a sad moment to surface based on ones past browsing history. For example: I do not even open imdb at office. For example, I was once looking up SQL injection and reached some Indian site. The inline advertisements were about calling girls for conversations and having "fun". I immediately closed it. Of course the history is there, but I can clearly verify how I reached that point. Keep it strictly professional. It is being fair to yourself and the firm you are associated with.
 
  • Like
Reactions: Criminal
There are ways to put in monitoring at various levels. Hardware level, Software level, OS level, Network level and provider level for internet access. Software can hide from the task manager or can run under an innocuous process and you wont know. Best to use hardware for the purpose its meant for.
 
letmein said:
Btw, if a tracking software is installed, it will show up in the task manager right?
Click to expand...

Not necessary at all. Processes can be hidden. Even if it does show up, you will not be allowed/able to kill such processes.

In any case, as others advised, people should assume that activity is always being audited on work laptops.

Some months back, a guy at my company got fired because he happened to download an English movie of torrents using his office laptop while connected to his home internet connection. Apparently he forgot that he was also connected to our company VPN at the time and some of the connections got routed though the company internet gateway though the VPN. As ISP for our public IP get showed up as our company name, The associated movie studio sent a notice to our company. After they tracked and fired this guy, they also conducted an full audit of the logs collected from the office laptops and two more guys got fired for having installed pirated software.
 
^^ It is not the source from where downloading is done or the act of downloading itself that is illegal, but the fact that its copyrighted content being used without license from the content owner and obviously being the originator of such torrents that is deemed illegal. if the content owner gives consent to the anti-piracy group, then it doesn't matter.

The more interesting scenario is where the anti piracy consultancies are themselves the originators of the torrents.
 
  • Like
Reactions: vivek.krishnan
At OP, never mess with your office gadgets. Coz during audit you will get caught and questioned as to why you went off the policy and surfed, accessed or downloaded Xyz stuff etc.
Also never treat official stuff as your own personaln ones.
 
Status
Not open for further replies.
Top Bottom