I was connected to the uni’s wifi, which I access with my institutional account, on my personal laptop. If using the app Notion - accessed with my personal gmail account - and writing on it, what can they see? do they have access to what I’m writing? Do they just see I’m using it?

  • stoy@lemmy.zip
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    IT guy here, I work in the finance industry and have never worked with eduroam, but I have some experience of what we normally can see.

    I am not an infosec guy, so I can’t speak to what they can see.

    In my experience a normal IT team will see the connections your computer makes to the remote host (in this case google), but can’t see the information transfered.

    This depends on if your connection uses https (gmail does) and weather or not the network uses deep packet inspection.

    Https encrypts the traffic, sort of like you putting a big pink stuffed elefant in your car boot and driving it to your new place, people won’t see the big pink elefant, but they will see your car going from A to B.

    Deep packet inspection is like a security checkpoint between A and B, the officers will open you car, log that you are carrying a big pink stuffed elefant, and send you on your way.

    You can use a tool like ssllabs testing service to find out the issuer of a certificate, and compare that to the issuer on the certificate you get in your browser.

    Here is the link to ssllabs testing service:

    https://www.ssllabs.com/ssltest/

    However, the most important thing to remember is that we as IT guy don’t care about what you do unless you break the rules or in some other way are causing harm to the network.

    We don’t do pinpoint surveilence, unless we have a reason to.

    We collect data yes, but that is only really used for statistics and troubleshooting.

    But we have plenty of automation that will log the shit out of a misbehaving system, there are plenty of similar systems, but the one I am familiar with is Microsoft Defender 365.

    If it notices something odd or bad it will log everything related to it, files modified, the user running the program, registry values changed, connections to other computers, commands run, and more, but it will only do that when bad action is being taken, not just by connecting to gmail.

    We in IT don’t have time or interest in looking at generic logs for fun.

    The one thing that might be putting you on the radar is the use of a third party app, it might not be approved software if you ran it on a company laptop, but since it is a personal laptop, I wouldn’t worry about it.

    TL;DR: It is doubtful that they will see what you have written, and even less likely that they have access, and even less likely that they care or even knows about it.

    But if you fear people reading what you write, you have two options, one easy, the other one less so.

    1. Stop writing, easy, then there is nothing to be found.

    2. Local encryption, get veracrypt, create a new encrypted file, mount it, format it, and save your texts there.