A barely perceptible keystroke delay was the smoking gun that led to the uncovering of a malign imposter.
  • Templar238@lemmy.zipEnglish
    533·
    18 hours ago

    Worked at Google and can confirm if you typed your password into a non org website you were flagged and asked to reset your PW. The problem is some of the training websites Google used and were Google branded were apparently non org websites. But it shows they are looking for “certain key strokes”

    • fonix232@fedia.io
      112·
      18 hours ago

      My employer does the same over a proxy. Luckily it can’t breach HTTPS, but it was annoying to set all my APs and router and switches and other network nodes to HTTPS just because the damn thing would block the site the moment I sent my password in cleartext to a local device

      • Ghoelian@piefed.socialEnglish
        7·
        14 hours ago

        set all my APs and router and switches and other network nodes to HTTPS

        What does that mean? HTTPS is a client-server thing, your APS and switches don’t really have anything to do with that.

        • fonix232@fedia.io
          4·
          7 hours ago

          Web control panel. All my network runs OpenWrt and I prefer to manage it from the web UI instead of terminal tinkering.

          • Ghoelian@piefed.socialEnglish
            1·
            7 hours ago

            Ahh that makes sense. I thought you were claiming you somehow got all your traffic over HTTPS with some AP settings.

        • Darkassassin07@lemmy.caEnglish
          5·
          12 hours ago

          Setting their management interfaces to be accessed via https because the VPN blocks (after snooping on) http only access would be my guess

      • Brkdncr@lemmy.worldEnglish
        9·
        16 hours ago

        You’re sure they aren’t decrypting your traffic? Check the root cert of any site and see if it’s their own root.