Can my work see what I am doing on my Mac if I am using their Wifi? Can they see my passwords? Is it only while I am on it or is there a history if they were to check it?
Should I purchase one of those traveling Personal attachments?
3 Answers
Ultimately the answer is yes, they can see what you are doing on their WiFi. Whether they can read passwords or not depends on the websites themselves. Sites that are secure will encrypt passwords so external devices can't read them, but if a website deal passwords in plaintext then it's anybodies game.
They wouldn't be able to read browser histories etc from when you were connected to other networks, unless they have their own particular software running on your machine, in which case they could potentially read whatever.
-
"They wouldn't be able to read browser histories etc from when you were connected to other networks" - As an Administrator, I can access the AppData directory, on any machine connected to my network. Which means I could, in theory, take their browser profile, and look at their browser history. Likewise, I have in the past, taken an IE/Edge session and transplanted it onto multiple machines. Only a matter of understanding how IE/Edge sessions work. I wouldn't have to use any special software other than built-in tools to do this, I could remotely push a script, that collects the data.– RamhoundCommented Nov 15, 2018 at 1:00
-
@tomh1012 - this answer is vague at best or incorrect, conflaiting plain text passwords (which is separate to the transport mechanism). Secure sites do not encrypt passwords, they encrypt data streams in flight which may include a password.– davidgoCommented Nov 15, 2018 at 2:31
If the MAC belongs to them, and/or they have installed software or certs on it or require a proxy, then they can see what you are doing.
If the MAC belongs to you and does not have an added root cert they have the private key for, then they will not be able to see exactly what you are doing if the site uses https, however they will be able to sniff any data sent over http. (ie if there is no lock on the URL bar, they can sniff it).
It is also likely that they will be able to see what site/domain (but not which pages) you visited, as your computer will probably use the DNS server they specified, thus leaving a trace of where you went. If they are dedicated, they may be able to infer additional information based on the size of the packets you sent and received - eg a video site will look a lot different to a banking site in terms of data transmitted and received, the percentage of time data is actually flowing, and the number of requests going through.
It is unclear what you mean by "personal attachment" - that is not, to the best of my knowledge a security thing. The best way to handle Internet in this environment might be to get a cellular connection which bypasses the corporate network altogther.
A VPN can provide limited additional protections provided it is set up such that everything, including DNS goes across it. although some traffic analysis is still possible, this will mask the site as well)
When on company wifi, everything - even passwords in some cases - are logged. Buy a 4g wireless personal router like these https://shop.ee.co.uk/dongles/pay-monthly-mobile-broadband/4gee-router/details#
answered Nov 14, 2018 at 22:09
-
It’s a very general statement to suggest everything is logged by simply being on a company WiFi. That would insinuate everything is logged when I connect to Starbucks’ WiFi or McDonalds. At least provide some supporting information for your claim rather than flat out suggesting that someone purchase an expensive alternative. Commented Nov 14, 2018 at 23:33
-
@JohnnyVegas This is outright false. It generalizes excessively, and implies most companies do not follow best practices (logging passwords is definately not typical), and ignores that most stuff is HTTPS, so invisible to the owner of the WIFI.– davidgoCommented Nov 15, 2018 at 7:46
-
A 4G router isnt expensive. Every single employer simply cannot afford to supply unfiltered unlogged internet access as they are responsible legally. To assume anything else is wrong. Commented Nov 15, 2018 at 12:46