[palmotea]

> Well, the main thing this brings to mind is an Amazon tactic that emerged after the pandemic. There was a big move to get people back to working in the office, and Amazon staffers who weren't happy with that could change their SSID (home Wi-Fi name) to match the company’s official office network.

> Now, do not take this as advice to do the same! It’s highly likely that a more advanced application like Teams has a more advanced check going on here, such as making sure your device has an IP address that matches the corporate office network, or checking the MAC address of the router.

Is there any reason you can't spoof literally all of that?

But if your boss really wants to know if you're in the office or not, they can track badge-swipes. That's what my employer does to enforce RTO compliance.

[nerdsniper]

MacBooks just provide their GPS location to Jamf thanks to FindMy. Sure, you could spoof that by keeping it in a Faraday cage and use a $10,000 signal generator to generate GPS signals.

But then you go to all that trouble and still have to VPN into the office from an IP outside of your office.

[palmotea]

> MacBooks just provide their GPS location to Jamf thanks to FindMy.

1. Do MacBooks even have proper GPS hardware onboard? Honest question.

2. I wouldn't think GPS would actually work very well, given how cavernous office buildings are--no clear view of the sky for GPS. And if you get a GPS signal indoors at home, it shouldn't be too hard to block.

[Gigachad]

I don’t know if it’s real GPS or something more like how phones lookup near by wifi networks to get location, but MacBooks seem to get pinpoint precision location

[criemen]

I don't think macbooks have a GPS chip built-in, isn't it only wifi geolocation?

[JCM9]

Amazon now does this with badge swipe data, and because you must badge in and out of Amazon offices they also track and report on how many hours you’re in the office.

[judge2020]

Yeah I’m here like “what are we even talking about? What company is doing this over just reading badge swipe data?”

I know smaller companies might not have badging systems that can provide such analytics (or badging systems at all), but the Amazon anecdote smells fishy to say the least.

[delusional]

No. Short of having your workplace install a cryptographic appliance internally on their network, you can spoof anything.

A computer can't know anything except what the environment tells it, and since you control the environment you can tell it whatever you want.

[bluedino]

Managers couldn't get badge swipe access but they could get wifi data, so that's what they used to find out who was actually coming into work (people were swiping their badge and leaving, etc)

[palmotea]

> Managers couldn't get badge swipe access but they could get wifi data...

That seems really weird. Why?

If managers can't get badge swipe data (or reporting based on it), are they doing some kind of weird solo RTO enforcement? And if they can't get badge-swipe, why could they get Wifi data?

[bluedino]

Honestly probably because the badge system is ancient and there's some Windows 95 machine in a furnace room somewhere that nobody knows how to get the swipe info from, or they can't separate it by employee/department etc

[ivanbakel]

>Is there any reason you can't spoof literally all of that?

I think that’s what is being insinuated.