Employee Surveillance Software

Eltuxo · November 17, 2020, 9:12am

This doesn’t bode well for those who work from home.

But here’s my question: suppose you’re working from home, but are using Linux. Would you be affected by the software on the list. (Supposing it’s possible to do the work on a linux machine).

I don’t know yet how this affects Europeans.
But i’ve read that in the Netherlands, the army was gathering intelligence (on/about?) it’s citizens and handing out the information to interrested parties. Who needs software? Defense will cover that.
Source:https://www.nrc.nl/nieuws/2020/11/16/willen-we-dat-defensie-alles-weet-a4020275#/next/2020/11/17/#108 (It’s in Dutch, i don’t know if there’s an english version available).

Kikuchiyo · November 17, 2020, 12:11pm

Funnily enough I cannot open this link, because I’m working from home on Intel’s VPN and the page is blocked there.

But I don’t see why similar software couldn’t work under Linux.

PatPlusLinux · November 17, 2020, 4:03pm

This is so dumb to me. Your employees are going to do their jobs. You have no reason to spy on them. This is abusive. You can’t squeeze blood from a stone.

Not too far off ago, at least in the USA, this kind of thing would force workers to give an abusive business owner a hairy and life changing experience off the books. This experience would usually curb the abusive behavior.

Why go back to that old way of life?

Mr_McBride · November 18, 2020, 12:18pm

This is very disturbing.

I’d love to see a follow-up article on how to detect such software…and a list of companies that employ such software.

Nothing good will ever come from this type of business practice.

MichaelTunnell · November 25, 2020, 5:07pm

This thread was featured and discussed in the Community Feedback section of Episode 201 of Destination Linux.

DL201 Discussion Thread:

Eltuxo · November 26, 2020, 8:27am

Regarding the interview with Tutanota, this article could serve as a nice reminder that privacy is a must these days. The main thing here is that a US court ordered google to hand over e-mails regarding the case. I don’t know if google has to comply, but this can get very ugly indeed.

PatPlusLinux · November 26, 2020, 1:51pm

I’d be interested to know if the courts could compel Tutanota to release the identity of the user, or even to modify their servers in a way to intercept the encryption keys and/or then compel the user to release their emails in a similar situation.

Eltuxo · November 26, 2020, 5:37pm

Good question. Seeing that Germany is part of the 14-eyes alliance, they could get confronted with this problem.

Oldschool · November 26, 2020, 9:17pm

I was asking myself the same question as Tutanota is one of the two email providers I’m interested in nowadays. Germany is also a prominent advocate for backdoors.

vinylninja · November 27, 2020, 12:03am

I am still about to listen to the show but I know Tutanota was obliged or forced various times by German courts to compel. Though I have no details about it.

At least in one case from this year they refused to make a backdoor and in the end the decision was accepted by the courts. The article about that is in German.

Eltuxo · November 30, 2020, 10:32am

It seems microsoft is adding a few things to its software too…

PatPlusLinux · November 30, 2020, 4:16pm

hahahahaha oh man. Microsoft suuuuuucks.

Another “productivity innovation” which mysteriously doesn’t work on management, only workers.

Oldschool · December 7, 2020, 6:02pm

Here we go…
Tutanota forced to create a « backdoor »

Eltuxo · December 8, 2020, 6:31am

There’s something i don’t understand here. (With the help of a translation engine. My german isn’t all that good. )
Quote:
“Now Tutanota has to program a new function for the prosecutors: If a valid order from a German court is available for an account, the company can also create a copy of the e-mails that the investigators can also read. They can still not read mails with end-to-end encryption. “I would rather take care of extended data protection functions for our customers than extended access rights for the authorities,” says Matthias Pfau. Of course, you stick to the legal requirements and cooperate with the authorities.” end quote.
Does this mean that they have implemented a way that authorities can read e2e encrypted mails or not?
Or do they provide a dump of encrypted mails?

Ethanol · December 8, 2020, 2:38pm

Oh boy, this is bad news. Makes me worry about Suse and Manjaro too.

vinylninja · December 8, 2020, 4:09pm

The authorities cannot read e2e encrypted emails but they can read mails that are not encrypted. Tutanota is against that practice but they have to comply.

That is from the source in German of that article in short. It is confusing. I have had to read it various times. This does not sound to be in favor of using Tutanota even though it was about a case of extortion. But I still have to listen to the show and maybe they can correct us how they handle such cases now.

Eltuxo · December 8, 2020, 5:53pm

Ok, thank you for the information. That helps a lot.
I’ve listened to the interview some time ago. I think i remember that the pr lady never said they were a zero-knowledge provider. But to be sure, i’d have to listen to that again.

vinylninja · December 8, 2020, 9:36pm

Tutanota on its official website in German claims to be the securest email provider in the world.

Eltuxo · December 9, 2020, 10:49am

I think that they, along with Protonmail, are the most secure providers out there a consumer could get.
If you’d want anything more secure, it would have to be some sort of government solution, or to set up your own server. (along with all the problems that’ll create).
Unfortunately, this has attracted some unwanted attention from the German government.
How do we know what they’ve implemented?
A good summary has been made by the people from the privacy intelligence and osint podcast about this: (episode 198)

vinylninja · December 9, 2020, 3:10pm

I agree and definitely would recommend one of both and I personally enjoy using ProtonMail.