Ask HN: Do you connect your work computer directly to your home network?
I work remotely from home on a company provided laptop.
This may be excessively paranoid, but are there any privacy or security concerns with connecting it directly to my home network?
For example, isn't there a risk that the company could be monitoring the traffic on my local network?
Also I regularly do work through an employer managed Google Workspace account that's logged in on the system.
Given that my public IP is one way that Google targets and matches devices, that could mean that the recommended YouTube content for my corporate Google account would match my private and personal account that is associated with the same IP. And it should be possible for an administrator at my company to access my work account and see that profile.
Are there any recommendations for combating those concerns?
I can't use a personal VPN client on my company laptop, and it's not possible for me to move away from my personal Google account or work from a cafe. Google does not change YouTube recommendations based on your IP, it's entirely based on cookies, they have no way to tell how many people are behind the NAT. Try going to YouTube in private mode. Personally I always use YouTube this way to avoid being pigeonholed. EDIT: I've exceeded my post quota for today so here's my reply: That's interesting. I've moved ~4 times and have used different ISPs since I started this habit. Perhaps your private session wasn't restarted? In Firefox you have to close all of the private windows before you get a fresh cookie jar etc. It might also be that you don't deviate far from the popular videos. Every time I start a new private session there isn't a single recommendation that matches what I normally watch. It's possible my viewing habits overlap with say 68% of others. But I've seen recommendations that match what I would assume to be my more niche interests. As for not closing all private browsing tabs, I've made that mistake before, but I still see the same pattern of recommendations when using single session browsers or separate devices. Thanks again for the follow-up. That hasn't been my experience, when opening a private window the default feed I see on YouTube mostly matches what I would see if logged in. Do they have ways besides IP to track you there? Some kind of browser fingerprinting? Or that FLOC thing? Maybe used in combination with IP? Yeah I'm unsure what information they use or have access to in order to form recommendations. But I'm almost certain it's not limited to just IP addresses. Perhaps the easiest technical solution would be a cheap phone and a plan that allows tethering? That gets it off your network and your personal public IP for $NOTMUCH/month. It's still possible that your employer might use their laptop's WiFi, Bluetooth, microphone or camera to do various nefarious things, but ... unless you're genuinely worried about nation-state level shenanigans, I think that'd be excessively excessively paranoid. Either way: distrusting your employer this much might indicate that it's time for a new job? I don't distrust them so much and I think an administrator would have better things to do. That said, I'd prefer not giving them the opportunity and if it's at all practical "better safe than sorry" as they say. Thanks for the suggestion. Fair enough. The other thing you might consider is a separate VLAN for your work equipment. This won't address the public IP concerns, but will separate your work and personal network traffic. It would require decent spec switch, router and WiFi though: most likely not what you already have unless you have enterprise-style gear. And given it doesn't address the public IP issue, overall a cheap tethered phone is possibly both better and cheaper. With a bit more effort, OpenWRT on comodity hardware can achieve that as well. Thank you both. I typically log onto a separate "guest" Wi-Fi network that I enable through my router. Though maybe that's not exactly the same? I'll need to double check the settings to be sure about the network isolation. But as mentioned that still doesn't address the public IP concerns. If you're worried about the work computer having access to your home network, you can setup two routers in series. Modem <-> personal router <-> work router Connect your work computer to the work router and it will be the only thing on that network. Never thought of that, will that really work? I might have a spare router lying around to test it. Thanks!