I’m pretty sure my employers are using a keylogger

Nov 13 26 Comments

I thought my supervisor was reading my Slack DM’s, but after talking to some people at Slack who assured me thats impossible to do real-time (my messages are being read shortly after being sent) I now realize they’re being read another way.

I think it might be a keylogger. Is there a way to tell? I use an iMac & theres nothing physically attached to the machine...but they’re office machines on the office network, and as I understand these types of logging tools are designed to go undetected.

I‘ve always suspected our communications were being monitored, but I’m trying to zero in on how. Cuz if it does turn out they’ve been logging every keystroke on my work machine for the past couple years its like 🙃...

...sent from my iPhone X

comments

Want to comment? LOG IN or SIGN UP
TOP 26 Comments
  • They do this at big companies. I know for a fact that Cisco does this. Usually there’s a very specific process that’s running that tells you there’s a keylogger
    Nov 13 5
    • Wow, didn’t know Chuck is that insecure
      Nov 13
    • This was in long before Chuck. Chuck is a good guy but can’t lead a culture change to save his life.
      Nov 13
    • OP
      I assume so, but we’re a tiny startup, like 10 people in all. Yesterday, I sent a Slack message to someone on the team and a few minutes later got called into a meeting about it. Other things like this have happened before.

      So it’s less the fact that there may be a keylogger and more the way its being used. Talking to me about a private DM i sent someone else moments after it was sent feels like he’s watching the logging activity all day? Weird asf.
      Nov 13
    • Well yeah Slack is monitored by an admin. Some companies use NLP on messaging to get alerted on things like hate speech, harassment, etc.
      Nov 13
    • Cisco dVOQ12
      What Cisco does this !?
      Nov 26
  • Microsoft kvy
    I've always operated under the assumption that anything happening on my work device is the property of the company who owns the hardware, including any and all communication.

    But I've also always operated under the assumption that no one is bothering to read shit because no one's got time for that.
    Nov 13 3
    • Depends on who you piss off
      Nov 13
    • Microsoft kvy
      Fair. If you do something egregious and it's bad enough that there is legal involvement, then I would assume that your personal communications ARE definitely being monitored by your company.
      Nov 13
    • OP
      now i have started to unfocus from my editor window and start typing rap lyrics just to see if someones like what does two twin glocks have to do with anything
      Nov 14
  • This comment was deleted by original commenter.

    • OP
      Really? I’m an admin of a different org’s chats and I don’t see anything like that. Is this a paid feature? We use Slack’s free plan at the office. I looked into the discoveryAPI and slack’s policies and nothing about reading messages in real time jumped out at me. Good to know.
      Nov 13
  • Microsoft Femto
    Yes you can do a social engineering trick (a trap) that will uncover this, you will need a pen with camera recorder pointed to your desk and drawers and send a message that will make the interested party open your drawer like I got the pills you asked for in my drawer but just take one when I am not on my desk. after sending this tell your manager you are sick and you need to leave. come next day and watch if someone opened your drawer.
    Nov 13 5
    • Goldman Sachs J Dimon
      Can you legally install a camera?
      Nov 13
    • Microsoft Femto
      Can you legally install a key logger?
      Nov 13
    • Goldman Sachs J Dimon
      I asked that earlier, too.
      Nov 13
    • Microsoft Femto
      What I mean in dirty war anything is legal.
      Nov 13
    • Tableau / Eng
      0kool

      Tableau Eng

      PRE
      Microsoft
      0koolmore
      Most big companies legally use ssl interception software
      Nov 13
  • Goldman Sachs J Dimon
    That’s legal right?
    Nov 13 1
    • OP
      AFAIK, totally legal for a company, on a company machine. In the best interest of the company and may help data loss prevention...At some big enterprise corp I could see this being the foundation of the company security policy lol, but at a small startup it feels creepy & weirdly personal. 🤨
      Nov 13
  • Bank of America / Product Quacky
    So what if they are?
    Nov 13 2
    • OP
      At this point it seems likely. I just want to know for sure. I don’t think it’s illegal for an employer to do, tho.
      Nov 13
    • Bank of America / Product Quacky
      Absolutely not, you probably even signed something saying they can. What I will say is it's unlikely they would waste resources on that
      Nov 13
  • My company uses Mattermost (I know) and they absolutely do this.
    Nov 13 1
    • New h0r4y
      Which company is this
      Nov 26
  • Roku de Vil
    I think you're just paranoid. No one is tracking you...
    Nov 13 1
    • OP
      literally the best case scenario
      Nov 13

Salary
Comparison

    Real time salary information from verified employees