571
submitted 1 year ago by t0fr@lemmy.ca to c/privacy@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] Deathcrow@lemmy.ml 10 points 1 year ago* (last edited 1 year ago)

My work has a 100% mandatory vpn and mitm proxy for ssl scanning

These are worse than useless. They are anti safety. If this box or its private keys get compromised ALL tls traffic of all employees is immediately plaintext.

Any company that buys one of these appliances from mcafee or whatever is asking for it (losing most/all their secrets)

[-] AstridWipenaugh@lemmy.world 6 points 1 year ago

That sort of thing is required for a lot of enterprise certifications. When you do work for government, healthcare, banking, etc. stupid "security" is mandatory for checking off compliance requirements. Not that any of it has to be in any way effective...

[-] Deathcrow@lemmy.ml 0 points 1 year ago* (last edited 1 year ago)

when breaking the internet and end-to-end encryption are part of any kind of "enterprise certification" that certification is worthless (or worse) and probably some kind of chinese or russian (or the CIA or whoever, certainly not your friend) psyop. Only a mindless idiot would implement it.

[-] Lyricism6055@lemmy.world 3 points 1 year ago

Oh I 1000% agree. But you try to convince my opsec colleagues

this post was submitted on 22 Aug 2023
571 points (97.0% liked)

Privacy

32159 readers
423 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS