You are reading a single comment by @Velocio and its replies.
Click here to read the full conversation.
Velocio-
don't look at porn on the work laptop
It's not the 90s any more - Is anyone that daft?
Of course, not using a work laptop for anything other than work is the correct answer,
But - given that there are sites that I have browsed at work that, while not objectionable / actionable, have content that may be nonetheless embarrassing and / or could make life awkward - is there any way to identify if the connection is compromised by, for example, root certificates (not that I can see any).
NotThamesWater
Thanks David!
If I'm wanting to be super-duper secret squirrely, I run an ssh tunnel on localhost, and connect to this as a socks5 proxy (incl. DNS)
My concern is that this may not be as secure as I would have thought*, and that because this is a work laptop, there is a root certificate that means I don't have true end-to-end.
Similarly, if I'm just browsing on the network with no tunnel (when I don't really care if the DNS queries are visible), can I be sure that when I am accessing my cloud server, what I am looking at is not being monitored. The certificates all look to be the ones I installed.
* Based on a convsersation with my local IT person, who made a comment about why I was searching for keys, when we were talking about yubikeys & 2fa - The irony of this is not lost.