Stop Breaking TLS

(www.markround.com)

170 points todsacerdoti | 1 comments | 10 Dec 25 07:06 UTC | HN request time: 0.297s | source

Show context

samuel ◴[10 Dec 25 09:31 UTC] No.46215799[source]▶

I agree with the sentiment, but I think it's a pretty naive view of the issue. Companies will want all info they can in case some of their workers does something illegal-inappropiate to deflect the blame. That's a much more palpable risk than "local CA certificates being compromised or something like that.

And some of the arguments are just very easily dismissed. You don't want your employer to see you medical records? Why were you browsing them during work hours and using your employers' device in the first place?

replies(3): >>46215855 #>>46216169 #>>46216703 #

itopaloglu83 ◴[10 Dec 25 10:28 UTC] No.46216169[source]▶

>>46215799 #

I’m all for privacy of individuals, but work network is not a public internet either.

A solution is required to limit the network to work related activities and also inspect server communications for unusual patterns.

In one example someone’s phone was using the work WiFi to “accidentally” stream 20 GB of Netflix a day.

replies(1): >>46216814 #

sceptic123 ◴[10 Dec 25 12:09 UTC] No.46216814[source]▶

>>46216169 #

What's the security risk of someone streaming Netflix?

There are better ways to ensure people are getting their work done that don't involve spying on them in the name of "security".

replies(2): >>46217226 #>>46218211 #

1. itopaloglu83 ◴[10 Dec 25 14:39 UTC] No.46218211[source]▶

>>46216814 #

What’s wrong with watching Netflix at work instead of working? That’s not for me to say, but I understand employers not wanting to allow it.

↑