• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

How do employers monitor public wifi?

Status
Not open for further replies.
if you control the public wifi, you can set up logging on the router itself to determine who access what

who = based on the MAC address of your wifi card

if you don't control the public wifi, you can still capture packets and figure out who access what (if they were going to a non-https site)

also, there are ways to figure out who you are via metadata. eg, user A accesses http://www.facebook.com/myprofile a lot, probably that's his/her profile

read this: http://arstechnica.com/security/201...ine-metadata-actually-reveals-where-ive-been/
 
Last edited:
If you'd like to know what one of my major rules are, this is one of them.

Never trust any wifi network you don't directly control.

If you're even remotely worried about someone monitoring your access, stay off it.
 
GoodEnough said:
Yes, but assuming you have the offending device's MAC/IP, how would you link that to a particular user? Again, say the device is a personal cell phone not issues by the employer. How do you then connect it to a person (IF there is no metadata, b/c the user only goes to one site)

And no, this is not for a "friend". I have just always wondered how this works.
Click to expand...

cookies can leak

you could also try to triangulate a user based on wifi signal
 
You could also setup a personal VPN tunnel so all traffic is encrypted.

I am so paranoid I refuse to join any wifi other than my home WLAN. I just use LTE all the time. I have 10GB of shared data and so far haven't come close to using it up, so I haven't had much motivation to do this myself.
 
Some people prefer surfing on a desktop (email, etc) than on a tiny cell phone.

I am still wondering how they can tie a MAC address to a specific privately owned device.
 
GoodEnough said:
Some people prefer surfing on a desktop (email, etc) than on a tiny cell phone.

I am still wondering how they can tie a MAC address to a specific privately owned device.
Click to expand...

I limit my non-work related browsing to news, sports, and some tech news.

When I want to browse video games sites and post to forums I generally use my phone.

You are also right about the MAC address thing. I know sometimes I stay late and I may be the only one there. It wouldn't be hard to see the one MAC address using that particular AP and then have that data (this would also mean they would have to watch security cameras of the elevators/stair wells to know it was me that stayed late while also assuming it was me using that AP because I sit in that location). I am not saying it would be easy, but they could if they really wanted to figure it out in many cases.
 
You can have a landing page then use that page to log MAC/IP address as well as other information such as browser information/system specs/operating system. Which could help narrow down who is who.
 
Ok, so it sounds like they can manually figure out who is attached to a MAC address, but it's not automatic nor trivial. At the first step, they have a MAC address of someone's smartphone, and some metadata, but that's all. There's no direct link b/w MAC address and "John Smith in cubicle 2945C"
 
Status
Not open for further replies.

TRENDING THREADS

Back
Top