> Because the majority of remote work communication will be electronic rather than face to face. It will be monitored, stored and searchable (Slack logs, GSuite email, etc.) That’s much more difficult to achieve at the proverbial water cooler.

The majority of communication is already electronic. I've worked in offices and remote, there is practically no difference on that front. Most discussion takes place in Slack, Jira, GitHub, and email either way. Most companies already have team members distributed across various offices, remote work isn't new. If you want to avoid monitoring, then spin up a Google Hangouts or Zoom meeting, nobody is monitoring that.

The difference is that in an office, 1. your physical presence is also monitored (no joke I worked at a office once where every day an office assistant would secretly record what time everyone showed up to their desks) 2. your internet is also monitored, which is extremely creepy and I'm surprised this doesn't get more attention.

When I work remotely, there are no IT managers able to spy on my internet traffic. Sure there may be some dystopian corporations who try to force their remote workers to log into "company VPNs" and install "monitoring software" - I have absolutely no interest in working for any such companies and have never had to deal with that.

As a software engineer I've been fighting for the freedom to work remotely for ever since I joined this industry, so having the freedom to live wherever I want, and work whenever I want is a huge win. I've already been working remotely since pre-COVID, so I'm happy that other workers will also be able to enjoy this freedom.

If you work at a corporation beyond a certain size, usually big enough to have an IT department vs one 'IT guy', there is definitely some sort of monitoring software installed on the computers given to you.

It just lives in kernel modules or as a OS config and they do not tell you as an employee, and it's done for 'compliance' or 'security' reasons so it's not obvious what it is when you look at a list of processes on your computer in the task manager.

Some popular ones in the bay area for macOS at startups are crowdstrike, carbon black, jamf, openvpn, umbrella, crashplan, munki, etc. Not mention the OS management configuration stuff like MDM profiles for macOS and active directory configurations for windows. A lot of brand name corps you might think are 'good guys' use this, like lyft or dropbox. Similarly with companies FANG, where it might custom software.

Yeah, like the one FB open-sourced (and uses internally still, I believe): https://osquery.io/

I think this is a super good tool, except for all the privacy implications.

Osquery core developer, consultant, and technical committee member here...

We've always treaded carefully around privacy concerns as a project. This is why you don't see tables that access information such as browser history. If you join our Slack channels you will see open discussion of privacy implications for changes and improvements.

There's a balance to be struck between visibility and privacy. If a security team has no visibility into a system, they can't secure that system. This doesn't mean they need to be able to look at your family photos and read your messages.

I work with folks who care deeply about privacy and trust with their users. These folks ensure that osquery configurations are available to users, so that they can see what exactly is being monitored.

If you are curious what osquery can do, I encourage you to check out https://osquery.io/schema/4.3.0/.

I think the real issue, that has nothing to do with osquery or any specific piece of software, is the corp being able to push any software on worker's computers and spy on their employees secretly. I call it the stalker IT employee problem or the psychopathic manager / lawyer problem.

The solution will be legal I think in the end, like in some european countries that don't let you do this kind of surveillance on your employees. And if you want to look at an employee's work emails, you do it in front of them with their lawyer present.

I'm glad you guys are trying to keep some semblance of privacy although.

If you’re working from home wouldn’t the way to go just to have a second physical machine set up next to your work machine and do your personal communication from there?

Yes that is what I recommend. At work I have a second BT keyboard and send messages through my phone.

There is definitely still friction in the entire process (ex send a link to an HN article to a friend that you saw in your work machine web browser) which induces a lot of people to just login directly on their work machines.

Since we are all WFH now I've been meaning to set up some sort of synergy setup so I can keep it really separated, but still have less friction in the 'share a link' scenario.

Good points. Not saying there isn’t an upside to remote work, but there are downsides as well, which in the long run, may overshadow the benefits. It’s much harder to build camaraderie in a Hangout or Zoom than in frequent, random, physical interactions with people. There’s also a biological component to bonding (pheromones, touch, oxytocin, body language, etc.) that simply won’t exist in a virtual environment.

I’d also point out, you’re enjoying the luxury of those freedoms (privacy, non-creepy norms) because labor power still exists and you can easily move to a different company or whatever. But fast forward 10 years, everyone is remote, labor pool is much larger, norms of monitoring and policing communication are established, then things start clamping down across the board as standard practice.