> "If you’re working from home they can pick up audio and visual images of your private life."
The jurisdiction of the authors of this article appears to be Victoria, Australia where it is illegal to record audio and visual images of someone's private conversations or private space at home[1] without a law enforcement reason. Similar applies to other jurisdictions of Australia. Aside from the obvious legal problem, I doubt businesses would want to deal with the potential liabilities of recording and storing footage of someone's kid running past a camera in the background of an employee's home without clothes on, or recording a private conversation an employee has with their lawyer relating to a family law matter.
Many Australian organisations would also be reluctant to provide their own employee's access to video surveillance footage from cameras in public locations. There would generally only be a small handful of employee's with access to recorded footage. There is a significant possibility of misuse resulting in negative media attention and fines for the organisation. There is also a cost issue. The more an organisation records, the greater the chance they'll have to respond (at their own cost) to a law enforcement request or response to a court proceeding to reveal the footage.
This is not tinfoil_hat territory. I thought it was pretty much given that everything you do on company-owned hardware is subject to being monitored and/or logged. Maybe I've worked too long in BigTech, but I don't recall the last company I worked for where this wasn't part of the paperwork you agree to when you start and/or receive a company-supplied device.
Funny to see this today. I'm doing consulting for a customer, and have an account on their Outlook/Teams setup, while still being associated with another unrelated company. My own computer and equipment. Yesterday I received a bounce email from Outlook - my forwarded email could not be delivered since the recipient didn't exist. Thing is, I didn't forward anything, and there is a c-level guy in this small company that is close to that user but just a keyboard slip away.
So I have to assume that for some reason that forwarded email was supposedly interesting and there's either a filter to forward, or they manually log in and forward what's interesting. Either way, getting it in my face is pretty off-putting.
Thinking of forwarding that email and add "hey, your surveillance is misconfigured, but here it is anyway".
They don't have to surveil your computer for e-mail. Assume any on-prem e-mail systems can be read by the admins at said company. The same goes for Office 365 e-mail systems as well.
What you are saying is absolutely true, but I've worked with some particularly inept executives and they are often identifiable with requests like "I want every email that new staff send bcced to me", which always becomes funny when they set up oof.
Yeah I do, it's just a bit on the nose to see that it's someone actually in-this-moment looking through my emails. Not an algo doing a keyword scan, not a save-for-what-ifs. A person, looking through my emails. What makes this even more funny, is that these guys are the ones going "we're a family" and all that.
You guys get free work computers? I had to buy my own hardware for working remotely. Though that also means there's no crazy spyware on it or unnecessary bloat slowing it down. I might actually prefer this arrangement...
Do the large companies usually let you do that at all?
If I need to sign a legal contract asserting that every desktop has bitlocker or the mac equivalent, there needs to be a level of remote management, and I'll be the first one telling people they can't force people to intune enroll personal desktops. So in a lot of cases there will be an argument against your arrangement.
In Australia - companies usually provide computers afaik, probably for legal reasons. The default law is if you make something on a work computer then your employer owns it.
same lol. if they give you a computer - use it for work! otherwise it is arguably your property and your right to do what you want regardless if they have google workspace etc. just create a separate account
I've been reading a 1988 text by Barbara Garson, "The Electronic Sweatshop: How Computers Are Transforming the Office of the Future into the Factory of the Past" - it's a series of interviews about primitive bossware, metric tracking and computerized middle management that effects a robbing of personal agency and deskilling of labor through various means of minuscule tracking ... 1988. Taylorism is old and it's coming for you.
The book is fine btw... Not the greatest but fairly prescient
What's better: being on your work computer for 14 hrs/day producing nothing of value and/or taking meetings that you're at best a passive observer in, or being on your work computer for 3 hrs/day hitting and exceeding personal/team goals and driving tons of value and spending the remaining 5 work hours living life while being available?
I hope we can collectively move away from time-spent-working as the measure of productivity.
Mixing personal and work business of the same machine is just bad data hygiene.
Is it that hard to whip out a mobile phone / tablet when you need to conduct some personal business or procrastinate?
This goes hand in hand with the more general principle of maintaining strict compartmentalization between work and personal life. My personal time, devices, online accounts, etc are mine.
I don't know how to phrase this more politely, but why do you feel entitled to use a company-issued device for personal use to the point of re-partitioning and installing an unstable OS?
From what I've seen this isn't "entitlement" - it can be that the employer is aware and OK with you treating their computer as your own (and you can always simply ask). Often such companies allow BYOD. Similarly people might not want two phones, or two cars - so this could be seen as a perk. The policy can be "just format it before you hand it back".
I see this assumption that people are being sneaky by using company devices for private matters on HN quite frequently, but it really doesn't gel with my experience.
My corporate IT doesn't let us use ad blockers, password managers, incognito windows, or GPG. It's rules like that, which motivate me to carve my own path to actual security.
I've seen security breaches happen, and it's not the self-motivated users who cause them. It's the casual users who leave their computer unlocked, or go on social media with the same one browser they're using for work, or who click links in email without checking the source.
> It's the casual users who […] go on social media with the same one browser they're using for work
this sounds like personal use, though. I do appreciate your perspective, and am sorry that your IT dept has no sense of security. Disallowing password managers and ad blockers honestly sounds like a good sign to gtfo and find a more competent org, or dig in and drive some serious change from the inside.
I’m gonna guess that 99% of the time a company gets hacked because the CFO gets caught downloading porn from a sketchy website on his Windows machine. Not because of some nerds running linux.
It often takes my company three months to allow certain security updates through, so I'd say that's a fairly huge fail from a security standpoint. It is quicker from the Mac team though, and they're slowly deprecating Windows machines once it's certain all software works properly on M* machines.
Well, your question was rude. The polite phrasing that eluded you would be something like, "What motivates you to use your work machine for personal reasons? Can you think of any downsides to this approach?"
Asking "why do you feel entitled" is starting off on the wrong foot.
okay, then could you answer your own question instead of nitpicking my lack of saccharine qualities? i am simultaneously curious and frustrated by the entitlement people express in these situations.
Sure! I'm someone who tries to stay ahead of the curve in terms of personal security. And when my IT teams make rules that inhibit users' security (I just went into detail here: https://news.ycombinator.com/item?id=37841214 ), I feel responsible to take matters into my own hands.
if there is no harm to the employer then what exactly is the problem? the complete Mac bootchain with all its security stays intact, Asahi is entirely separate and OP is not using it for work. at that point there is no risk to the company, its just economical use of a computer.
I’m generally with you here, but in this specific case the GP’s stated purpose in doing so is to enable doing personal activities on their work device.
I think that’s the part I personally balk at a bit (and what I suspect GP was getting at), not necessarily the act of installing whatever you want on the device.
Mixing work and personal like that seems a priori a bad idea. In many cases, work can even seize your device from you for legal reasons. Yes, you can keep the personal activities separate on an encrypted partion and otherwise walled off from the work bits. But this all just limits some of the possible downsides and doesn’t make it a good idea.
Part of the "corporate device" is the fact that they can ensure its security.
Would you be comfortable letting Bob in Accounting use her own computer, the one she uses to do payroll for the whole company? The same Bob who clicks every link in every email and installs every executable possible. The same Bob who doesn't remember passwords and has the payroll system password on a post-it note next to his display and uses auto-login on his computer because typing the password every morning is too much of a hassle.
Or would you rather have some "corporate spyware" on there doing basic sanity checks for malware, weird access patterns, enforcing a password policy and automatic locking when idle?
>Or would you rather have some "corporate spyware" on there doing basic sanity checks for malware, weird access patterns, enforcing a password policy and automatic locking when idle?
The problem with these corporate spywares is that they're designed for the Bobs of the world and I do not consider myself a Bob. When my employer was implementing one of these management nannies to enforce password policies, it would've rejected my password because it didn't have a number in it. However, mine was significantly longer than the minimum, so my password has like 25% more entropy than the minimum mandated.
If my employer trusts me enough to let me set up new AWS environments and secure our production databases, maybe they could trust me to secure my work laptop too. Different courses for different horses.
I've been in situations where programmers are forced under the same rules as random office workers. Like no admin permissions on their own laptop. If you need to install something, you had to call IT and they'd give you an admin account that was active for 30 minutes or something.
It was extremely fun when I had to test multiple applications and had to do this process many times a day :D
Nevermind the fact that corporate mandated password changes every three months usually is pointless because the vast majority just change their password from "Password1" to "Password2" etc. Not very hard for a bad actor to identify.
Might want to do some research on how remote management works on Macs. They are incredly friendly to corporate spyware, and will pull MDM/remote management in on a fresh install if the serial number matches up.
Team goals and dev estimates have the same problems.
Managers don’t know how to set goals, and if they set goals, their managers might change or disavow or ignore the previously set goals.
I once argued with a toxic founder and he yelled, “You don’t even work 40 hours/week!” So I walked him through it — I arrived before he did, and he saw me leave because he seated himself at the exit.
When he had to grant me that I worked plenty of hours, then he yelled, “But you’re not ENGAGED!”
And on and on it goes. Same shit, different script.
It's a convenient shortcut that surfaces all the time though: "You'll find me at my desk!" (obviously not yours neither, but having to use a periphrasis would be somewhat annoying)
(coincidentally, my work laptop, which I chose, belongs to the company but went straight from the manufacturer to my home and I installed the OS and everything myself, and no piece of proprietary software from the company lives in it. I know I'm incredibly lucky on this.)
That varies wildly by jurisdiction. The article describes the various prerequisites in a couple of Australian states/territories (most of whom include advanced notice), and in the EU it goes even further than that, requiring advanced notice and having severe limitations in what your employer can actually monitor. An example court case:
> On September 5, 2017, the Grand Chamber of the European Court of Human Rights (ECtHR) ruled that a private company's decision to dismiss an employee, after monitoring and accessing his instant messages sent from the workplace, violated the employee's right to respect for private and family life
To elobarate on that, the hurdles for monitoring employees are really high. It is always illegal to do it secretly and conversations etc are considered private even if you're in the office and talk with collegues. Also worker's councils hate that stuff and a company would have a really bad time with theirs.
Exactly this... There are numerous stories of people having their boss call them and ask them about something they're doing that they would only know if watching on video. Apparently this was somewhat common as remote work became common among during COVID where women employees would have their boss spy on them remotely via video and they would realize it because the boss would say some offhanded comment that they wouldn't have known if they weren't watching through the webcam.
I do not use my work computer for much outside of work... However, when traveling for work or other times I will 100% do personal things on my computer. Even though I'm devops/sysadmin and had admin rights to disable applications from accessing my macbooks webcam I knew they could override it at anytime they wanted. So I also purchased covers for the webcam & never trusted that I wasn't being spied on via microphone. But any company that does that stuff is just terrible and it's not the way to get the best out of your employees. I am much more likely to put in a lot of extra time outside of work if I can mix in my personal browsing with my work.
Where I live, no, they don't have to tell you. Because they are not allowed to in the forstvolace. If they are allowed, and do, it is a rare exception that is handled a lot like search warrants, and they require reasonable suspicion of the emoloyee doing something fishy (stealing data, cheating with hours...).
there is a grey area. some companies will not ship you a device if you are fully remote (which i personally prefer since I'm most productive on my OS/config of choice) yet all their operations exist on google/microsoft accounts. so if you happen to login on one of these on your personal browser and go about business without thinking twice… its all logged!
The jurisdiction of the authors of this article appears to be Victoria, Australia where it is illegal to record audio and visual images of someone's private conversations or private space at home[1] without a law enforcement reason. Similar applies to other jurisdictions of Australia. Aside from the obvious legal problem, I doubt businesses would want to deal with the potential liabilities of recording and storing footage of someone's kid running past a camera in the background of an employee's home without clothes on, or recording a private conversation an employee has with their lawyer relating to a family law matter.
Many Australian organisations would also be reluctant to provide their own employee's access to video surveillance footage from cameras in public locations. There would generally only be a small handful of employee's with access to recorded footage. There is a significant possibility of misuse resulting in negative media attention and fines for the organisation. There is also a cost issue. The more an organisation records, the greater the chance they'll have to respond (at their own cost) to a law enforcement request or response to a court proceeding to reveal the footage.
[1] Part 2, Surveillance Devices Act 1999, https://content.legislation.vic.gov.au/sites/default/files/2...