So, you know commercial spyware? No I’m not referring to ads or things like pegasus. Talking about those weird providers that market to schools, employers and shitty partners
What measures could be taken to mitigate these threats? When physical can be assumes but the attacker isn’t skilled, just using one of said tools? How would this vary between phones and laptops for example?
Thoughts?
No I’m not in danger, just get curious about this subject once in a while
If your school or employer has an MDM solution on their laptop that they issue to you, you have 0% of privacy. You could use DNS over HTTPS which will prevent your DNS queries from being picked up, but the MDM could issue their own CA and even intercept https traffic. They can also record your keystrokes and screen. It would be wise to think of the machine as compromised, just not by a threat actor.
For maximum privacy, only use the devices for the minimal work necessary. Don’t log into anything for personal use, and use a separate device you’ve purchased yourself.
Yea. We don’t have school devices but this is basically how I would treat my windows partition in my old dual boot (said windows was for school)