this post was submitted on 03 May 2024
24 points (87.5% liked)

cybersecurity

3262 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

FWIW, this isn't to do with me personally at all, I'm not looking to do anything dodgy here, but this came up as a theoretical question about remote work and geographical security, and I realised I didn't know enough about this (as an infosec noob)

Presuming:

  • an employer provides the employee with their laptop
  • with security software installed that enables snooping and wiping etc and,
  • said employer does not want their employee to work remotely from within some undesirable geographical locations

How hard would it be for the employee to fool their employer and work from an undesirable location?

I personally figured that it's rather plausible. Use a personal VPN configured on a personal router and then manually switch off wifi, bluetooth and automatic time zone detection. I'd presume latency analysis could be used to some extent?? But also figure two VPNs, where the second one is that provided by/for the employer, would disrupt that enough depending on the geographies involved?

What else could be done on the laptop itself? Surreptitiously turn on wiki and scan? Can there be secret GPSs? Genuinely curious!

you are viewing a single comment's thread
view the rest of the comments
[–] cm0002@lemmy.world 12 points 6 months ago (7 children)

There are ways, but the VPN/Personal Router route will thwart 99.99999% of businesses out there (For a non-cellular enabled laptop and you refuse a work phone)

The remaining .000001% that go the extra mile are going to be dealing high security, confidential secret stuff like TS gov defense contracts or something

[–] BarbecueCowboy@kbin.social 5 points 6 months ago* (last edited 6 months ago) (1 children)

Your cybersecurity team is going to be annoyed with you using a non-corporate VPN if you have one. Any monitoring they have will probably have something that will ping on using common VPNs, but at most companies, consequences there likely won't make it to HR. May make it to your manager though if they think it's a sign of compromise.

[–] cm0002@lemmy.world 1 points 6 months ago (1 children)

Ez-Pz, cheap VPS + VPN server

Or I think there are also VPNs that advertise using "residential IPs", I know that's a thing with SOCKS proxy services.

[–] BarbecueCowboy@kbin.social 3 points 6 months ago

Yeah, common VPSes are monitored too, it's a very easy add. Alert on IP ranges from a publicly maintained and easy to find list is not a hard ask. If you ran it through AWS, it would probably pass a lot of basic checks. Using residential IPs will probably get you a bit of time, but I can't imagine there being a good way to do that without it being very hard for the VPN provider to keep up and very easy for a security company to just make a new list of IPs and assume the whole range is bad.

Your best defense here though is that your cybersecurity team probably doesn't care that you're doing this once it's determined that you aren't a malicious actor as long as you aren't creating too many alerts.

load more comments (5 replies)