How much can "tech" at work see of what I am doing?
October 27, 2013 9:52 AM   Subscribe

How much can "tech" at work see of what I am doing?

I have a job in which I telecommute but use a software tool devised by my place of employment downloaded into my browser's tools in order to annotate videos. While the browser is open, I have to open the add-on, sign into it, and collect information about videos that I find online. (url, and notes about the video which get filled out on the form). While the videos are playing I usually click over onto several other tabs to look at other things online. For each tab that is open, the software add-on is open, too. (it opens automatically on the side of each window).

Recently I got an email from the company of employment (addressed to everyone) saying that everyone needs to watch the whole video before submitting the annotations for it and that tech has "data" on who is submitting videos without watching the whole thing first. I believe that the email refers to people hitting submit before the video is over which means they might miss information. I always play the videos in their entirety but also click to other websites while they are playing. However, now I am wondering how tech has this data and what other data they have? How can they tell how much of the video has been played before the information has been submitted about it? Furthermore, can they also see all of the websites I am visiting through this add-on tool? If I want to keep going online while the videos are playing can I open a second browser which does not have the add-on tool open?

PS- the work is all done on my personal computer
posted by anonymous to Computers & Internet (11 answers total)
 
Sorry, but your questions are literally impossible to answer without examining the add-on tool. It's entirely possible it's sending all your browser data back to "tech" just by being installed as an add-on. It's also entirely possible that it's not. There's just no way for us to know.
posted by erst at 9:56 AM on October 27, 2013 [1 favorite]


Without seeing the software in question it's tough to say what they're actually able to see on your computer, but if you're installing their software, the sky is the limit on what they could *possibly* be seeing - or doing for that matter.
posted by deadmessenger at 9:57 AM on October 27, 2013 [3 favorites]


The email might just be a frightener or it might not but if their software is running in your browser you should assume that at the very least they can monitor everything you do in that browser (history, bookmarks). If you are bothered I would try using another computer for your personal use.
posted by epo at 10:01 AM on October 27, 2013 [1 favorite]


Do you use a VPN? If you do, all your traffic goes over the corporate network, and they can see exactly what sites you visit. If you don't, it's still technically possible but a lot less likely.
posted by miyabo at 10:02 AM on October 27, 2013


If you're using Chrome, you might want to consider using an incognito window to do your non-work browsing. By default, Chrome doesn't allow extensions in incognito mode, although you can now allow them individually in the extensions settings.

If it is a browser extension, it won't be able to see any activity outside the browser it's installed in, so if you want to be safe it's probably best to use a different browser entirely for your non-work browsing.
posted by spielzebub at 10:19 AM on October 27, 2013 [4 favorites]


You open the add-on, sign into it and For each tab that is open, the software add-on is open, too. They very likely know what tabs are open, for how long, and probably what tab has the focus, i.e., what tab is in front. VPN - depends how it's setup. My company's VPN only affects data I get from the company network; it ignores traffic to other domains. I would clarify with your supervisor what the policy is. If I were to do anything else while working, like check mail, read MeFi, etc., I would do it from my smartphone, tablet, another computer.
posted by theora55 at 12:23 PM on October 27, 2013 [2 favorites]


Do you use a VPN? If you do, all your traffic goes over the corporate network, and they can see exactly what sites you visit.

This is not always true. If they have a setting called "split tunneling" (or something similar) enabled then only the traffic going to the corporate network goes over the VPN, with the rest going directly to the Internet.
posted by deadmessenger at 3:01 PM on October 27, 2013


It's your computer, it seems like you should create a user/profile/account for work stuff to isolate the personal and the professional activities. This would create some two-way protection for both you and work.
posted by wobh at 3:08 PM on October 27, 2013


A browser plug-in or add-on can potentially monitor everything that is happening on your computer, from every single keystroke and mouse clicks, to the computer's microphone and webcam. So, potentially, the add-on is able to monitor whether the video is on the active top-most window all the time, even if you are doing things outside of the web browser (such as in another browser.)

(Of course, the add-on can potentially do all that does not mean it is actually doing all that.)
posted by applesurf at 5:35 PM on October 27, 2013


Having written several browser plug-ins professionally, and having worked in multiple browser code-bases professionally, I can tell you that it is possible for them to know everything you do.

Trivially they can collect data about the pages you visit: how many tabs are open, the url of each tab, the duration of each tab, which is foreground, and any clicks, key presses or other user input into pages. If it's in the interest of their bottom line, they probably do it.

Do you use a VPN? If you do, all your traffic goes over the corporate network, and they can see exactly what sites you visit.

As others have pointed out, that might be true but depends on your VPN configuration, and is probably false. Most companies don't want all the traffic because it costs more to handle all the traffic. But even if they don't do this, it's still trivial for them to collect the information from your browser without routing the traffic through the VPN.

If it is a browser extension, it won't be able to see any activity outside the browser it's installed in.

This is also false. If you ran an installer as administrator to install the plug-in, it can be configured to run native code that is not subject to browser security models. This is more difficult, but entirely possible. It is, however, unlikely because the sorts of things you have to do to make this possible tend to be evident. So, using a different browser or private browsing mode is probably sufficient.

If you're feeling adventurous, you can spy on the spies. If they're just posting back data via http, you can use Fiddler and see what they are sending. If they're sending it back using other protocols you can use wireshark, which is more detailed but harder to use. Chances are whatever they are sending back will be fairly human readable... if you can find it.

However, you may violate your employment agreement by doing any of the above. I dunno, I'm not a lawyer.
posted by jeffamaphone at 8:51 PM on October 27, 2013 [1 favorite]


If you want to be sure they can't see what else you are doing on that computer, use a different computer to look at the other things.
posted by yohko at 10:40 PM on October 27, 2013 [1 favorite]


« Older Trees and snow   |   How can I look for digital media... Newer »
This thread is closed to new comments.