If it’s a work laptop, treat it like it has tracking software on it. Don’t use your work computer for personal stuff that you don’t want your employer to see. Period.
Yes, but my point is that you’re asking a flawed question. It’s possible for us to give you a bunch of different services or processes to look for, but it’s trivial for these companies to just make a new service or process with a different name that’s harder to find. You’re trying to play a cat and mouse game that you’re not going to win.
I work in IT. Most of our clients’ computers are managed by an MDM, which means that we can push ANY package or software to the computer at ANY time, without notifying the user. Most of our clients don’t bother with tracking software, but some do. And make no mistake, tracking software is basically legal spyware.
So, my point is this: it doesn’t matter whether or not you have evidence of tracking software on your computer. Just assume that it’s there, and don’t use your computer for anything you don’t want your employer to see. That is the safest route.
Disclaimer, I have not studied the software in question and there are many ways to implement it, so this isn’t a way to say a computer is clean, just a way to detect if it’s infected.
Typically, keylogging programs like these are installed as device driver filters. Open devmgmt.msc, locate your keyboard and right click -> properties -> details tab -> property drop down -> upper filters and lower filters.
These should be empty normally. If there are entries present then you have some program that is hooking into your keyboard driver and accessing your keystrokes.
Similarly, there should be a filter on your mouse if it is being listened to.
If you are especially paranoid, you can jot down the GUID of the keyboard and mouse driver (it looks like a long hex number with dashes surrounded by {}s), then shut down the computer and boot to a rescue disk, open up regedit, mount the registry hive for SYSTEM it’s located in \windows\system32\config\system, (let’s say you mount it to SYSTEM.remote), then navigate to SYSTEM.remote\CurrentControlSet\Control\Class\
Then you scroll through this key’s values and look for UpperFilters and LowerFilters.
The reason why you do it this way is to avoid a rootkit situation, where a driver also hooks into requests to the OS for certain information, and uses that to hide its presence.
As there are dozens of different ways to track different stuff, this can’t be answered easily. Try to open the task manager and examine the processes is a start.
But that’s only for tracking software. You could also examine the data you create Server-Side and just assume stuff. Like: you are away in teams and you haven’t touched files in Sharepoint for 60mins, so we assume you don’t work right now.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacyguides@lemmy.one
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
We prefer posting about open-source software whenever possible.
No soliciting engagement: Don’t ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don’t repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
If it’s a work laptop, treat it like it has tracking software on it. Don’t use your work computer for personal stuff that you don’t want your employer to see. Period.
Well, thx. But this was not my question.
Yes, but my point is that you’re asking a flawed question. It’s possible for us to give you a bunch of different services or processes to look for, but it’s trivial for these companies to just make a new service or process with a different name that’s harder to find. You’re trying to play a cat and mouse game that you’re not going to win.
I work in IT. Most of our clients’ computers are managed by an MDM, which means that we can push ANY package or software to the computer at ANY time, without notifying the user. Most of our clients don’t bother with tracking software, but some do. And make no mistake, tracking software is basically legal spyware.
So, my point is this: it doesn’t matter whether or not you have evidence of tracking software on your computer. Just assume that it’s there, and don’t use your computer for anything you don’t want your employer to see. That is the safest route.
Disclaimer, I have not studied the software in question and there are many ways to implement it, so this isn’t a way to say a computer is clean, just a way to detect if it’s infected.
Typically, keylogging programs like these are installed as device driver filters. Open devmgmt.msc, locate your keyboard and right click -> properties -> details tab -> property drop down -> upper filters and lower filters.
These should be empty normally. If there are entries present then you have some program that is hooking into your keyboard driver and accessing your keystrokes.
Similarly, there should be a filter on your mouse if it is being listened to.
If you are especially paranoid, you can jot down the GUID of the keyboard and mouse driver (it looks like a long hex number with dashes surrounded by {}s), then shut down the computer and boot to a rescue disk, open up regedit, mount the registry hive for SYSTEM it’s located in \windows\system32\config\system, (let’s say you mount it to SYSTEM.remote), then navigate to SYSTEM.remote\CurrentControlSet\Control\Class\
Then you scroll through this key’s values and look for UpperFilters and LowerFilters.
The reason why you do it this way is to avoid a rootkit situation, where a driver also hooks into requests to the OS for certain information, and uses that to hide its presence.
As there are dozens of different ways to track different stuff, this can’t be answered easily. Try to open the task manager and examine the processes is a start.
But that’s only for tracking software. You could also examine the data you create Server-Side and just assume stuff. Like: you are away in teams and you haven’t touched files in Sharepoint for 60mins, so we assume you don’t work right now.