So the device, the notebook/laptop, in this case, is Employer equipment & ‘locked down’? That compounds things. There’s no telling what they’ve got loaded on there that could be for tracking/reporting. I’d only use that computer for work; keeping my personal life wholly separate on a different one.
yes, that is correct. I never use it for private stuff.
Make sure location services, Bluetooth is killed/never used. I’d set the clock to UTC of your home timezone & make sure it doesn’t connect to the 'net to get current time updates (eg: time.windows.com , 0.openwrt.pool.ntp.org)
thanks for that one, done.
–
Eg:
Be aware the GL router uses NTP by default; you can turn it off after installing LuCI via System → Advanced Settings. Once installed, log into LuCI & navigate to System → System Properities → Time Synchronization → Enable NTP client. Untick, save & apply.
(The goal here is to ‘quiet’ that bit of default network traffic)
thanks for that one, done.
Regarding what’s ‘flowing’ from your notebook; there’s two options I can suggest, w/ rising complexity costs:
- If you GL device has [AdGuard Home] (eg: [Slate AX] found under GL GUI → Applications → Adguard Home, use it. You’ll see why I suggest it by GL’s description of that feature… but I don’t personally use it so it would be an exercise left to you. It looks like a pretty easy to use application IMO.
I have it set up now. When I’m on the employer’s VPN, I can’t filter any queries. Will listen to it later times without the vpn and see what it queries.
- Subscribe to [DeCloudUs DNS]'s Premium + service. 12.00USD/year. This is what I use for my devices: mobile, laptops, routers. Like AdGuard Home, you can log what’s happening from those devices directly to them, logging all connections made, then use that info to set custom block lists/profiles on top of their anti-tracking, anti-malware, privacy focused lists offered.
I think Adguard should get thw job done, too. I can block specific queries.
Eg: DeCloudUs offers a ‘deGoogle’ block list. I have that enabled but I also have a Samsung phone. I then logged all the connection made by the default Samsung apps running in the background (even unused!) for a few days. Then I block those connection’s domain names (eg: bixby.samsung.com, aibixby.com, sbixby.com).
Now there’s no more ‘AI assistant’ reporting what I do on my phone, wherever I go!
(This is also how I block TenCent’s TikTok ‘trackers’ on other family member’s phones trying to report back to China… & they never installed TikTok!)
The DeCloudUs method is more complex to initially set up but … & it’s a big but… gives more flexibility to reclaim your privacy when you’re using the 'net away from your GL-iNet router/device.
Let me know what you think; I know this can come across as more than slightly paranoid but these days, well, it seems they really are out to get us all.