cross-posted from: https://lemmy.ml/post/15178977

FWIW, this isn’t to do with me personally at all, I’m not looking to do anything dodgy here, but this came up as a theoretical question about remote work and geographical security, and I realised I didn’t know enough about this (as an infosec noob)

Presuming:

  • an employer provides the employee with their laptop
  • with security software installed that enables snooping and wiping etc and,
  • said employer does not want their employee to work remotely from within some undesirable geographical locations

How hard would it be for the employee to fool their employer and work from an undesirable location?

I personally figured that it’s rather plausible. Use a personal VPN configured on a personal router and then manually switch off wifi, bluetooth and automatic time zone detection. I’d presume latency analysis could be used to some extent?? But also figure two VPNs, where the second one is that provided by/for the employer, would disrupt that enough depending on the geographies involved?

What else could be done on the laptop itself? Surreptitiously turn on wiki and scan? Can there be secret GPSs? Genuinely curious!

  • CameronDev
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    6 months ago

    I suspect that if you connected to your work vpn from a personal VPN IP address that may raise some questions. “Dave keeps connecting from inside Amazons data center, thats weird”.

    Turning on wifi to scan would be trivial technically. Hidden GPS maybe, but its more likely that they would just have an overt GPS module if they cared.

    A wired in airtag or similar would probably be doable, and wouldnt be visible to the OS.

    Latency analysis would probably be quite tricky. If you had starlink or dialup your latency would be pretty bad to begin with.

    Realistically, if the employer was concerned about company data leaving the country they wouldnt be allowing WFH at all.

    • RegalPotoo@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      Yeah, traffic coming from an ASN that isn’t assigned to a residential ISP would be a pretty good sign of shenanigans