Join 3,512 readers in helping fund MetaFilter (Hide)


Can my employer see what I do at home?
March 8, 2011 6:40 PM   Subscribe

Is there any way I can determine, with a high degree of confidence, whether or not my employer can track what I do on my home network using my employer-purchased Mac running OS X 5.8?

Relevant details:

- I don't do anything illegal or even highly immoral on my lap top. But sometimes I work at home and I'll watch a Hulu TV show or a Netflix movie over lunch. Sometimes I'll shop or write emails when work is slow. I'd be embarrassed if my employer found out about this activity, but I wouldn't go to jail or anything.

- I'm only asking about when I'm at home on my home network. Obviously it's a different story when I'm in the office on their network. In that environment I always assume that I'm being observed even though I'm probably not.

- I've looked through my applications folder and don't see anything like "net nanny" or whatever.

I think the odds of them watching me are low given the culture of my office, but I'd like to be sure. Asking someone in the tech department seems like poor form since it's sort of like saying, "So, can I look at porn all day without you knowing?"
posted by anonymous to Computers & Internet (13 answers total) 5 users marked this as a favorite
 
Did they set up the Mac before giving it to you, or did they just give you a box and let you have fun setting it up yourself?
posted by ZeusHumms at 6:51 PM on March 8, 2011


Are you connecting your Mac to your work's VPN in order to access work resources like a shared server? If so, then your web traffic would be passing through their hardware and they could easily record logs of the traffic.
posted by bcwinters at 7:10 PM on March 8, 2011


Assuming you really are going through your home network, it's very unlikely that they could pull something like that off. Look at your startup items. Is there anything in there? Then, check your processes in the activity monitor in your utilities folder - even a keylogger would have to show up there, unless they are extremely wily, which it doesn't sound like they are.
posted by Gilbert at 7:16 PM on March 8, 2011


i'm in the same situation with an employer-purchased and provided osx laptop. i still do all of the things you're concerned about. only caveat is that 95% of the company is on windows, so i'm very much the exception as far as OS, but everyone at my company is provided a laptop.
- i assume everyone does similar things
- i semi-regularly trip our work proxy filter for various things (games, the occasional link that the filter thinks is adult related) and have never had anyone contact me regarding it
- if it were a big issue, i would've heard about it already from other people at work who use their windows laptops
- assuming my employer did take issue with such activity, so long as i do nothing illegal, i imagine a mild verbal warning would be the worst that would happen

and again, i take this as "normal" activity for the majority of people who own work laptops.
posted by karmaportrait at 7:19 PM on March 8, 2011


How paranoid you are matters a lot for this question.

Super obvious things to check include System Preferences > Accounts (do they have an admin user to which they know the password? did they turn on Login items for your account?) and /System/Library/StartupItems or /Library/StartupItems (did they install something in the usual place that fires up when the machine boots?).

But if they installed a custom rootkit, no, you'd have to do something like compare checksums for every executable on the machine against a fresh OS X install to be sure to a high degree of confidence that there's nothing on the box that is tracking you. Those things you see running in the activity monitor normally could in theory be hacked applications doing double duty.

If you're willing to suppose your employers are not black hat geniuses, though, probably all you need to do is set up an account that uses FileVault and encrypted virtual memory (see the General and FileVault panels of the Security settings for the machine; note that you may not want FileVault on for your work account, because that's a problem for recovering important files from a crashed machine), and of course, don't use the company VPN. Do not simply rely on your browser's "private surfing" mode--that's unlikely to block Flash cookies. With that stuff turned on, your IT guys are much less likely to find out what you've been up to when the machine goes in for work/upgrades.
posted by Monsieur Caution at 7:30 PM on March 8, 2011 [1 favorite]


put a hub on your home LAN and run a packet sniffer on another box that you trust. See if you can account for all packets.

Also take the hub to work and do the same there, in case their monitoring software only offloads log files when connected to the office LAN.
posted by at at 9:20 PM on March 8, 2011 [1 favorite]


NOTE - if it is an employer provided and employer owned laptop - as in - if you were fired or quite you'd have to give it back - they have every right to snoop in any way they want into your use of their property.

Will they? different question.

But, be aware that your employer, if the above assumptions are true, has every right to do what you fear.
posted by BrooksCooper at 10:02 PM on March 8, 2011


If you're at home, why not use your own computer to do such activities? (If you don't have one, that's a different issue.) I would be careful about heavily mixing business/personal activities on a corporate computer. Someone at my office told me of a person at *management* training who didn't understand why she shouldn't have her Quicken info on her work computer.
posted by sfkiddo at 10:34 PM on March 8, 2011


You could try installing Little Snitch for a day that you are at home and use it in demo mode.

It will tell you about anything that is trying to phone home. You can still allow everything to pass but this will allow you to see if anything is doing anything including trying to contact a corporate server.
posted by vacapinta at 4:14 AM on March 9, 2011


Seconding Little Snitch. Don't boot up without it.
posted by unSane at 4:20 AM on March 9, 2011


- I'm only asking about when I'm at home on my home network. Obviously it's a different story when I'm in the office on their network. In that environment I always assume that I'm being observed even though I'm probably not.

From a legal point of view, this isn't relevant. Employers are allowed to record your activity on company devices regardless of where you're located.

From a technical point of view, it's often easier to monitor activity at the network level rather than install software on each workstation. This still doesn't answer your question, though, especially if you require a "high degree of confidence." To ensure that you're not being monitored you'd need to re-install the operating system from scratch using the original DVDs from the box. I don't recommend you do this, though, unless as said above, they handed you a brand new Apple box and let you set up the computer. You'd also lose any company-specific applications that they may have installed for you by doing this.

If we drop the "high degree of confidence" part, and assume your employer isn't hiding software on the computer, you can: That should be sufficient protection for the majority of circumstances.
posted by odinsdream at 5:55 AM on March 9, 2011 [1 favorite]


If you want to be 100% sure without putting in a ton of effort, reinstall OS X. Assuming your OS X that came with the computer are clean of course.
posted by valadil at 10:51 AM on March 9, 2011 [1 favorite]


Asking someone in the tech department seems like poor form since it's sort of like saying, "So, can I look at porn all day without you knowing?"

If it makes you feel any better, I have been asked some variation of this question countless times over the last two decades.
posted by JaredSeth at 12:50 PM on March 9, 2011


« Older How do I develop thicker skin ...   |  goal: ipad + wifi + google voi... Newer »
This thread is closed to new comments.