I work on a corporate laptop that has an infamous root CA certicate installed, which allows the company to intercept all my browser traffic and perform a MITM attack.

Ideally, I’d like to use the company laptop to read my own mail, access my NAS in my time off.

I fear that even if I configure containers on that laptop to run alpine + wireguard client + firefox, the traffic would still be decrypted. If so, could you explain how the wireguard handshake could be tampered with?

What about Tor in a container? Would that work or is that pointless as well?

Huge kudos if you also take the time to explain your answer.

EDIT: A lot of you suggested I use a personal device for checking mails. I will do that. Thanks for your answers!

  • catloaf
    link
    fedilink
    English
    arrow-up
    105
    arrow-down
    1
    ·
    3 months ago

    Don’t. Just fucking don’t. Keep your personal stuff off your work equipment and vice versa. I don’t know why people keep wanting to do this, because it only leads to trouble.

    • BearOfaTime
      link
      fedilink
      arrow-up
      29
      arrow-down
      3
      ·
      3 months ago

      Adding on:

      Anything you do with a company device brings liability to them, which is part of why you should keep things separate, and part of why they manage devices.