Ask the Bear & Badger
-
Dinostar77 wrote:Yossarian wrote:I can say it’s definitely not me. Hope that helps.
If it was Halo, the answer is automatically Yoss.
Actually, I think Coch has me beat. -
Anyone played Judgement? What I can see it’s Yakuza but you are a P.I.
It’s cheap at the mo and it’s getting a PS5 update. -
I think Reg has views on the soulsbornes but I’m not sure what they are. He’s hardly ever mentioned them.
-
Dinostar77 wrote:Whos the biggest From Software (Souls/Bloodborne/Seiko) fan on this forum? Elf?
I'd vote myself in the top 10 for souls and bloodborne but lose points for not completing Seiko -
For the IT types:
If I'm at work using my personal tablet on the work's wifi, can they tell what I'm clicking on or looking at? Not that I'm looking at anything dodgy but I do browse reddit and often there's stuff there that's pretty NSFW. And I have various messenger groups where folk will share pretty risque memes etc.
So will some IT dude be able to see that someone has sent me a photo with tits in it? -
I think they'd be able to see somebody went to those sites. I think it would be less clear who though. And storing identifiers that it's you (even if they could work that out from device identifiers / fact your the only person in the building) then storing/tracking ID likely a gdpr risk for them. But could depend on the Ts&C's of the network, if they're written down anywhere... -
GDPR doesn't matter if they can make out they have a valid reason to keep the data such as to keep illegal content off their network. Does the UK even do GDPR now as a sovereign nation?
Lots of people in my work asking about getting WiFi when its not going to happen. I wouldn't use it anyway, I'd rather tether to my phone. I've nothing to hide, just don't trust anyone.[quote=Skerret]Unless someone very obviously insults your loved ones with intent, take nothing here seriously.[/quote] -
Yeah maybe I'm overstating it, and not sure what the position is post EU. But if they say it's for illegal stuff then using it for something else would be against the rules?
But yes, any, my conclusion would be the same regardless: safest not to use it! -
Matt_82 wrote:For the IT types:
If I'm at work using my personal tablet on the work's wifi, can they tell what I'm clicking on or looking at? Not that I'm looking at anything dodgy but I do browse reddit and often there's stuff there that's pretty NSFW. And I have various messenger groups where folk will share pretty risque memes etc.
So will some IT dude be able to see that someone has sent me a photo with tits in it?
It depends on a number of factors. Your device will have whats called a MAC address. The first set of numbers and letters are unique to your device manufacturer. The second half is unique to your device. Depending on the lease your device gets (the ip address the wifi network assigns it) it is possible to identify your device. Whether they can actually identify you is much harder.
The websites you are accessing depends on whether they are encrypted or not ie. Https rather than http. If its a https website your visiting then your connection from your device will be encrypted to the website. If its http then your information is travelling in the unencrypted and is readable.
Now not getting in the weeds or too techie, but don't get complacent if all the sites you are visiting are https i.e. encrypted because your woekplace may have SSL encryption breakout devices (these devices unencrypt the information stream look at the information inside and then re-encrypt it and send it on its way).
As Muzzy said l, alot depends legally in the t&c banner when you log on. To be safe i wouldnt risk going to dodgy sites on work wifi. However, if you install a VPN on your device and use that VPN while connected to the wifi you will be fine. Then even if your workplace has SSL breakout devices, they wont be able to see your information to and from the website. So if in doubt dont do it at work. If you must and want to be safe from reprisal then use a VPN.
Tbh, VPN usage is a must on any wifi network other than your home network if you want to ensure your confidentiality, security and obscurity.
-
You have to follow GDPR if you're doing business with the EU is my understanding, unsure where you work, Matt.
I'd be more concerned why you're viewing illegal nsfw stuff! I assume that's not the case though and it's just good old legal tits and fannies, or cocks. -
Nobody said he was viewing anything illegal!
-
Cheers guys. GDPR is certainly a thing at my work. I have a work computer but don't browse on that. Just on my tablet.
We're allowed on Reddit during breaks etc. So it's not being on it that's the concern. But a while ago, a small unattended subreddit I was on, was spammed with porn. That would appear as thumbnails as I was scrolling so I'm more concerned about that kind of thing.
That and weird memes in private chats. -
acemuzzy wrote:Nobody said he was viewing anything illegal!
I think he's projecting. -
Perfectly legal can still be unprofessional. I mean, there’s nothing illegal about watching Taylor Swift videos but you don’t want your boss to know you’re doing that instead of his TPS reports. -
-
Check out poppo with his gendered language for boss. Tut tut. Not illegal, but unprofessional.
-
Well I was talking about this boss:
-
Few things:
1) Your work absolutely will know the websites you are browsing via your tablet, if you're on their wifi, and they're not totally incompetent at IT
2) It's possible / probable they have alerts set (probably via a 3rd party monitoring service in their IT stack) for dubious websites (adult content etc). Often places like Reddit aren't picked up by these, if you're browsing the more normal subs, but mileage may vary
3) It's less likely but possible they have alerts set on a per device basis for browsing non-work IP addresses (eg: device spending more than 4 hours browsing open internet = alert sent)
4) It's very easy to identify your device as your device if it's on their network
5) GDPR is current law in the UK, as all EU law (mostly) still is, but is likely irrelevant in this case: your company absolutely has good reason, in fact probably has legal responsibility, to keep data like "which devices are accessing which websites". GDPR is very misunderstood I think! It's not some kind of blanket "you can't keep personally identifiable info on me!" law, it's just about adding a bunch of safeguards to that data, appointing officers to be responsible for it, and being able to show that you need it for reasons, and allowing consumers / law enforcement to have access to it and a RTBF / CDDR process
6) In short: don't browse anything on a work network which you'd not want someone to know about, even though it's low risk. They will have tools to know who's looking at what, even though they probably don't care unless it's porn picked up by a packet sniffing tool. The reality is that so much browsing is done, it's not easily enforceable without something at network system level blocking access (as companies do for Facebook etc). That said, it's an easy thing to show that you've broken company policy on, say, accessing dodgy material if you had a dispute with them, and GDPR (let's call it Data Protection act 2018) won't save you.
You could use your mobile connection to connect your tablet to internet instead, you could restrict your browsing to things you don't care your company knowing about, etc -
poprock wrote:Well I was talking about this boss:
Yeah, I got the memo. -
o/
-
Again, thanks fellas. I'll watch where I'm browsing at work. Ta.
-
They can tell OK, provided they have the right tech in place.
Without a corporate login they can't tie your browsing back to your active directory entry. But if the wifi has a unqiue login obvs they could track your browsing. They could also track browsing against your device ID or mac address.
Shadow IT and the use of unapproved cloud services is a hot topic - esp. if the workforce is storing work data in cloud services that are not approved by work. That is a GDPR issue.
One gap that is a worry is split tunneling used by home workers. Home workers might use a VPN to connect to work but when using internet services are connected by them via their home broadband - so no visibility of what you are doing. An "always on" VPN gets rid of the split tunnel and routes all traffic through your work's internet connection which can then be monitored. That's OK with corporate devices but might need your employment Ts & Cs to cover having to have that installed on your personal device.
Of course always on VPN needs your IT to ensure the throughput of that is sufficient. We have 2x5Gb internet connections with load balancing in place now, but a firewall that could handle that amount of throughput is beyond our means - we are talking very large amounts of money. Instead of beefing up their firewalls, IT could use a cloud based security broker (CASEB) that your web and vpn connection flows through - that will monitor activity too. CASEB's aren't cheap either though...so it depends on how well your company is funding IT.
Implementing an always-on VPN is what I'm working on now, among other things. We are hoping to shift the load off our firewalls by doing things like routing O365 traffic directly. We can get O365 usage reports from the Azure/O365 admin console reporting.Holding the wrong end of the stick since 2009. -
As previously mention, a vpn on your device will encrypt all your traffic so the only connection they will see is from your device to the vpn server.
Messages, as long as they are sent on an encrypted app (such as WhatsApp) will be completely private. -
davyK wrote:They can tell OK, provided they have the right tech in place.
Without a corporate login they can't tie your browsing back to your active directory entry. But if the wifi has a unqiue login obvs they could track your browsing. They could also track browsing against your device ID or mac address.
Shadow IT and the use of unapproved cloud services is a hot topic - esp. if the workforce is storing work data in cloud services that are not approved by work. That is a GDPR issue.
One gap that is a worry is split tunneling used by home workers. Home workers might use a VPN to connect to work but when using internet services are connected by them via their home broadband - so no visibility of what you are doing. An "always on" VPN gets rid of the split tunnel and routes all traffic through your work's internet connection which can then be monitored. That's OK with corporate devices but might need your employment Ts & Cs to cover having to have that installed on your personal device.
Of course always on VPN needs your IT to ensure the throughput of that is sufficient. We have 2x5Gb internet connections with load balancing in place now, but a firewall that could handle that amount of throughput is beyond our means - we are talking very large amounts of money. Instead of beefing up their firewalls, IT could use a cloud based security broker (CASEB) that your web and vpn connection flows through - that will monitor activity too. CASEB's aren't cheap either though...so it depends on how well your company is funding IT.
Implementing an always-on VPN is what I'm working on now, among other things. We are hoping to shift the load off our firewalls by doing things like routing O365 traffic directly. We can get O365 usage reports from the Azure/O365 admin console reporting.
Split Tunnelling always on VPNs is picking up pace now especially when you have so much traffic going to O365 and so many people working from home. Keep everything in the corporate VPN other than O365 traffic and rely on the Azure/AWS secure at the tenant. That raises its own issues as you then need to further secure the users endpoint devices as they could become pivot points into the heart of your corporate network. There are SSL attacks out there that have been successfully implemented in the real world and not just lab environments.
I.T. is always full of interesting stuff for us IT geeks
-
GooberTheHat wrote:As previously mention, a vpn on your device will encrypt all your traffic so the only connection they will see is from your device to the vpn server. Messages, as long as they are sent on an encrypted app (such as WhatsApp) will be completely private.
That's true though one has to be careful. Firewalls can decrypt SSL traffic, though not necessarily VPN traffic. We are looking to see if the firewall we have can decrypt SSL and keep up performance or if we need to buy a dedicated decryption appliance.
IT could may be able to block certain traffic streams if an unauthorised VPN is detected.
Again it depends on how draconian your organisation is.Holding the wrong end of the stick since 2009. -
Office Chairs
Let's face it, I'm not getting back into the main office for sometime and even then work have pretty much said we don't need to be in all week.
So... gimme some recs on ergonomic offices chairs. I have the Ikea one with the high back, but I think something better as the height adjust could be better and the depth adjust.
I'm not in the market for Herman Miller as much as I'd like to be, but don't mind paying more than the Ikea £150 and whack it on the credit card if it's moving into slightly pricier territory. -
I think I like the neck rest one. I don’t use it all the time but sometimes if a zoom call is going on too long it’s nice to sit back against it.
-
B01rs you have the ikea Markus chair? I use that its good. But missus has one providef by office. Proper ergonomics chair. Which is more comfortable for work.
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Categories
- All Discussions2,715
- Games1,879
- Off topic836