Marco Moock: >> There are firewalls that do TLS interception. >> That is a man in the middle attack by your site to your connection, >> they can read and manipulate all your traffic.
Samuel Sieb: > That is terrible and breaks all security. You can't trust any sites if > you do that. It's a point of view thing... a) It breaks your personal security, so do not do banking or personal mail when working on your work's system. Which you shouldn't do anyway, though there are still people who don't have the internet at home, and they probably feel their work system is a safer risk than a public library, as well as more convenient. That kind of thing, though, should be done with permission of the computer admins and following their instructions. b) It strengthens an organisation's security if rigid controls are made about what information can flow in and out of that organisation. It might be to block the flow of confidential client data, or that of the organisation, *if* it can look into traffic and *if* it recognise it. Or automatically redact some content, or to block it under certain circumstances. e.g. You might feel okay that your doctor's office can transmit a medical record to a hospital, but surely not to Facebook. Working from home opens a can of worms. From my point of view, if someone wanted me to do that, then they have to provide a PC and a secure network connection. Whether that be VPN, or activating a second port on my fibreoptic modem/network termination device - it has fibre in, two VOIP phone sockets (to plug a traditional handset in), and four ethernet sockets that allow for four different ISPs (it is not a router or switch). I'm not trusting them with my own computing traffic, nor wearing out my own equipment at my cost. And I wouldn't trust their traffic in my system. Likewise with mobile phones. I would not allow them to impose work rules or data inspection on my personal phone. -- uname -rsvp Linux 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 (yes, this is the output from uname for this PC when I posted) Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. -- _______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
