can you not leave the work laptop at home and remote into it with a different laptop?
I feel like this usually would require remote software that your company would both block and ask why you're trying to remote in to begin with. A better bet would be an ipkvm solution if you wanted something similar but depending on the company that may be blocked as well.
True. Although I doubt they would be concerned about the laptop being connected to an external display and input devices so it would at least be feasible to remote into an intermediary controller though I don't know if there is anything off the shelf for this.
Yes connect only on wire. You can disable the wifi and Bluetooth adapter in windows. Control panel>network and internet.
It may be possible to disable WiFi in the UEFI firmware as well.
Maybe , however I doubt it it has all the lockdowns from corporate. Question is what boobytraps exist , 1 if boot setting are changed or if 2 physical opening of laptop to remove wifi module / antenna cables
I would run the tunnel from the local travel router (just another GL iNet one I guess) to your US wireguard server, and make sure nothing can route anywhere if that tunnel drops!
Disconnecting the antennas is undetectable remotely, but the card will still sometimes pick up signals I think. Maybe a non-conductive faraday cage/bag/material can be wrapped/taped around it to make the odds very low.
Removing the card entirely can theoretically trigger a TPM holding eg BitLocker keys to reset and make the drive unable to be decrypted without the recovery key. Save your recovery key within the OS if it'll let you. If you can't, from my research it doesn't seem like TPMs generally reset over Wi-Fi cards going missing.
Interestingly, it does look like you can monitor and change bios settings using PowerShell; however, I'm not sure someone would go through the effort to actually monitor those settings. Endpoints like a laptop are disposable to a large enough organization. They do not want to baby the devices and micromanage each one of them, if troubleshooting an issue is going to take longer then just replacing the device, they'll likely just replace it. Getting into the weeds of monitoring the bios of every end point for changes just seems like a huge waste of time. However, I could see them password protecting the UEFI, in which case cracking open the device and disconnecting the Wi-Fi module is your best bet. I doubt they'll be monitoring for that as well. Opening the device shouldn't raise any hairs because people already beat the shit out of their devices as it is.
I'd remove the Wi-Fi card. Then use a travel router to bridge any Wi-Fi network you need to use and connect to the laptop via Ethernet.
WiFi databases are a pain in the ass. For me the path of least resistance was leaving the laptop in the US with a KVM (PiKVM) to control it I had to use a home automation finger robot to access the power button in case of a hard reset being required and left an emergency way back in over an LTE. I'd had 8 hours of video calls in (then) 5 years working there so wasn't worried about any of that. My microphone for meetings was Droidcam, I was in a position to install that on the laptop, and route to it "locally" over the same wireguard setup from my phone as I used to access the PiKVM.
Sounds like your laptop is not very locked down, if you can attach any old USB device to it. If I were reattempting this today I'd probably go with the travel router as mentioned. Maybe if there's an open USB Wi-Fi card we can hack it to always show a fake Wi-Fi list + real nearby networks added manually.
You can use something like Pangolin and a local machine on your home network to set up a tunnel.
or wireguard.
That's what it runs on, just makes it easy to spool up tunnels remotely. It's Traefick and Wireguard rolled into one
The wifi on a laptop is likely a removable card. You can take the card out.
Your webbrowser Firefox/Chrome/etc uses nearby wifi networks to geolocate you.
There’s some decent ideas in this thread.
Have you considered the lower tech, North Korean method? Simply pay someone in $place_laptop_is_supposed_to_be to hang onto it, keep it running and connected to the internet 24/7 and remote in to work on the device.
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
Rules: