Ask Lemmy

26707 readers

1421 users here now

A Fediverse community for open-ended, thought provoking questions

Please don't post about US Politics.

Rules: (interactive)

1) Be nice and; have fun

Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them

2) All posts must end with a '?'

This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?

3) No spam

Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.

4) NSFW is okay, within reason

Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either [email protected] or [email protected]. NSFW comments should be restricted to posts tagged [NSFW].

5) This is not a support community.

It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email [email protected]. For other questions check our partnered communities list, or use the search function.

Reminder: The terms of service apply here too.

Partnered Communities:

Logo design credit goes to: tubbadu

founded 1 year ago

MODERATORS

[email protected]

Will enterprise endpoint protection software on my laptop have control over what is happening inside a VM? (feddit.org)

submitted 2 months ago by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

I've been issued a work laptop with Windows 11, running the Sophos Endpoint Agent, which monitors all web traffic and processes running on the PC and blocks malicious stuff.
If I install a Linux VM on it and access the web from inside it, will the Endpoint Agent see what I'm doing and be able to block access the same way as it does on the host?

I guess what I'm asking is, how does accessing a website from inside a VM work, actually? Does all the traffic get routed through the host OS unencrypted?

The purpose isn't to try to circumvent any security measures or go over the heads of the IT department, but rather to find out if I can make a case for using my favorite OS on this thing without compromising security.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 18 points 2 months ago

Consider it non-secure for personal stuff. Consider the possibility of full monitoring. They may not see the contents of encrypted traffic from the VM, sure, but there's still a possibility of keylogging and even screen monitoring, possibly something else.

To answer your question, the guest OS should reject the security software's certificates, should it attempt MITM. Otherwise there wouldn't be much of a reason to use HTTPS over plain HTTP.
It can still do blocking I guess.

Secondly, it's a work device, and that software is there for a reason. Trying to get around it may have different results. Your employer might not care much, or they could assume something malicious on your side, and fired you are.
So don't use it past work-related use cases, don't borrow it to kids nor anyone else. That bit of hardware is most likely not worth the risk.