-1

Today while browsing on my mobile phone connected to my employer's wifi, I clicked on the link to a tumblr page. I then got an error message saying the web filter had blocked the page deeming it pornography. When I disconnected from the wifi and reloaded the link, there was no porn on that page. I know recently tumblr has changed their content filtering, and thus a lot or pages have been unnecessarily marked as nsfw, even when they have no adult or nsfw content. My question is, will my employer see that I accessed this site? Will they know that link was not actually porn?

My question is specifically if it will flag their system or notify them somehow even though the site isnt actually porn?

Amanda K
  • 1
  • 1
  • 1
  • 2
  • 3
    That's something we can't answer without knowing exactly how their business is run. All I can say is that it _can_ be flagged, and many firewalls/filters will flag it. They won't know or care if it's porn or not. They just know that you tried to visit a blocked site. Unless your employers are a particular breed of evil, they won't care that you briefly tried to visit one single blocked site once. – forest Dec 28 '18 at 02:36
  • Will they be able to trace it specifically to me, given I was on my mobile device and not desktop? I'm not too clear on how this works exactly. – Amanda K Dec 28 '18 at 02:42
  • 3
    If you connected via the company network, they will likely know it is you. – forest Dec 28 '18 at 02:42
  • @forest evil need not be a factor. If the business is childcare, there will be a greater investigation into hits to porn *while at work*. I have also been in charge of security at a company where we hired a ton of new grads and porn became a problem. We investigated each porn hit for a while. – schroeder Dec 28 '18 at 12:55
  • @AmandaK "even though it isn't porn" that does not matter at all. It has been classified as porn and that will be recorded by the system. Your question seems to be if you will get into trouble for this, and we cannot answer that. What your employer will *do* with the information the system gives them is entirely up to them. Other than that, this is a duplicate of the other question. – schroeder Dec 28 '18 at 12:58

1 Answers1

-2

Good news is, you were most likely hit by some filter setting in the firewall, and they probably won't bother checking any further than looking at some summary figures in monthly traffic report.

will my employer see that I accessed this site?

They definitely know what link you have tried to access - anything that shows in your address bar that has https - so if you visited gmail they'd see you stayed at https://www.google.com/intl/en/gmail//# for 5 minutes. They will not have its contents though, as the traffic is encrypted.

They know about any web page and it's contents without encryption (http://) if they sniff packets. They know the IP and MAC address of your device and credentials you have used to connect.

Depending on the policy of your company just the credentials might point to you. If the device you have used belongs to your employer, they know it's you.

If the phone you used is private and the authentication method for your Wifi is some global password (something like YourCompanyNameWifi/ some_global_pass) it's less likely to be traced back to you, but still possible (multiple passwords might be generated for the single WiFi network, they might trace it by access point you were connected to as it's location is known etc.)

And there is always metadata, f.e. if your 'that guy' that is fascinated by turtles and what you did earlier was googling some cute turtles on google images, well, they will assume it's you.

Will they know that link was not actually porn?

Not really. They might use global lists or some custom made ones to filter traffic, and they usually target sites as a whole and don't bother with specific links to its resources.

will flag their system or notify them somehow even though the site isnt actually porn?

If they use global lists, this will update automatically without them ever noticing. If it's their own custom filter, then it's probably a good idea to notify them about the mistake.

Don't be too stressed about it, while I am not currently an admin in my company, I work as a programmer and lots of resources and sites I try to access are being hit by our web filter settings (we use Fortinet solutions).

If you need to access some given site and it's blocked, notify the IT, they will know what to do.

Luntri
  • 162
  • 5
  • 2
    This is wrong. If you visited an address over TLS, you would only see the domain (and subdomain), not the path. So in your example, they would only see a connection to www.google.com, nothing else. – forest Dec 28 '18 at 11:41
  • Did I get anything else wrong ? – Luntri Dec 28 '18 at 12:02
  • Nothing else that I can see. – forest Dec 28 '18 at 12:03
  • Default phone names mention the first name of the account holder, "Amandas iPhone", etc. – schroeder Dec 28 '18 at 13:00
  • 2
    @Luntri you do not know the policies of the company, or any technical details. You do not know if the OP needed to install a certificate so that the employer could do inspection. You are making a lot of assumptions and making a conclusion. As an admin, I can use the alerts I have right now to know that "Amanda's iPhone" hit Tumblr over the lunch hour and it was registered as porn. – schroeder Dec 28 '18 at 13:04
  • @schroeder Such information wasn't specified. I doubt the OP would know answers to your questions. I also do not know about custom software that might have been installed on target device. You yourself assume default phone names refer to account holder, which is not always true. Iphones might do so, but lots of other manufacturers don't, so you could get device names like Samsung J3 that won't tell you much. – Luntri Dec 28 '18 at 13:49
  • Exactly, so your generalised conclusions are easily defeated by one factor being different. You are saying "probably" but have no basis for it. – schroeder Dec 28 '18 at 15:19