Tech Dude // Linux Infrastructure Admin // Automation Nut // Privacy Advocate

Accounts:

  • 0 Posts
  • 14 Comments
Joined 2 years ago
cake
Cake day: June 15th, 2023

help-circle









  • BoneALisa@lemm.eetoLinux@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I just had to switch my work computer from Arch to Ubuntu becusse they want MDM on all computers now, and flatpaks are litetally the only reason i can tolerate it.

    I now prioritise getting stuff from flatpaks, then the repos, and if they dont exist i use Distrobox to export any app thats only on the AUR for example.



  • Its worth noting, you cant actually MITM most traffic without device acess. To MITM my lemmy traffic, you would need either a copy of the certificate and private key of for example lemmy.world, which they would never willingly provide, or you would need to get a valid certificate from a CA for lemmy.world, which you could never get without verifying ownership of the domain.

    If you are using a company owned device to browse Lemmy, then 100% they can very easily install a custom Root CA and make their own certificates, and you should assume all your traffic is monitored. But if they allow BYOB or for your phone to be on the network, then they would be unable to see that traffic without you being able to tell, because you would get certificate errors.

    But if they allow you to install a VPN, then just use TOR with a TOR bridge and you wouldnt have issues, because they cant tell its VPN / TOR traffic akaik