You are reading a single comment by @NotThamesWater and its replies.
  • How can I tell if I have true end-to-end encryption?

    I have local admin on a Windows 10 laptop, and I control the domain that I am connecting to (either over https or ssh)

    I don't control any locally installed anti-virus / monitorware / group policy, nor local network / gateways

    Is it still possible that local IT could do a man-in-the-middle and see what I am doing? They can obviously see that I am on lfgss.com, but can they see anything else?

  • The easiest way to see what you're doing isn't to try and decrypt the web traffic but just to serve the DNS and look at the DNS logs.

    DNS is not encrypted, so why do anything harder. The logs reveal which local IP address asked for which domain name.

    It's hard to stop this, but if you use Firefox and enable DNS over HTTPS then your DNS will be encrypted too.

    At that point all anyone can tell is which IP you've connected to. But with SNI certificates, without a host header known in advance, most websites will not return anything, and only the smaller sites where a single site is on an IP would reveal what you are looking at - were someone manually checking.

    So assume your DNS is leaking everything despite encryption everywhere else, and isolate browsing you want to keep private to Firefox, and ensure DNS over HTTPS is enabled (it's only default enabled in the USA right now as it's a new feature).
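
Added example (not code from this thread): a minimal parser for the question section of a plain DNS query, run over constructed packets, showing that the queried name travels in cleartext on UDP/53 and can be grouped per client IP exactly as a resolver log would record it. The packet bytes and client addresses are made up for the demo.

```python
from __future__ import annotations
import struct

def decode_qname(packet: bytes, offset: int = 12) -> tuple[str, int]:
    """Read a DNS name (length-prefixed labels) starting at offset.
    Returns (name, offset just past the name). Compression pointers do not
    occur in a question section, so they are rejected rather than followed."""
    labels = []
    while True:
        length = packet[offset]
        if length & 0xC0:
            raise ValueError("compression pointer in question name")
        offset += 1
        if length == 0:
            break
        labels.append(packet[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), offset

def parse_query(packet: bytes) -> dict:
    """Return the header id, QR bit and the first question of a DNS packet."""
    txid, flags, qdcount = struct.unpack("!HHH", packet[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    name, off = decode_qname(packet)
    qtype, qclass = struct.unpack("!HH", packet[off:off + 4])
    return {"id": txid, "is_query": not (flags & 0x8000),
            "qname": name, "qtype": qtype, "qclass": qclass}

def build_query(name: str, txid: int = 0x1234, qtype: int = 1) -> bytes:
    """Encode a standard recursive query; used here only to construct sample input."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(part)]) + part.encode("ascii") for part in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def who_asked_what(captured: list[tuple[str, bytes]]) -> dict[str, set[str]]:
    """Group queried names by source IP, as a resolver log or passive capture would."""
    seen: dict[str, set[str]] = {}
    for src_ip, pkt in captured:
        seen.setdefault(src_ip, set()).add(parse_query(pkt)["qname"])
    return seen

# Constructed sample: two clients' queries as they would appear on UDP/53.
SAMPLE = build_query("www.lfgss.com")
if __name__ == "__main__":
    print(who_asked_what([("10.0.0.5", SAMPLE), ("10.0.0.9", build_query("example.org"))]))
```

With DNS over HTTPS the same question bytes are carried inside a TLS session to the resolver, so a capture on the local network sees only the resolver's address, not the name.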
