25
WFH hide laptop location (hexbear.net)
submitted 2 days ago* (last edited 1 day ago) by [email protected] to c/[email protected]
14 comments fedilink hide all child comments

https://hexbear.net/post/5074786

Hi So I'm planning on spending some time in a different country and work from there.

So I need to hide the location. Laptop is a HP elitebook with win 11.

IP hide solution idea, using a GL iNet router and setup a wireguard server in order to use the home internet.

https://docs.gl-inet.com/router/en/3/tutorials/wireguard_server/

Would this work as i intend?

Wifi localisation. I'm not sure if I can just turn of wifi an call it a day. An update or something it might turn it back on. Windows if not the employer will try any way to get the location I assume.

I have a USB dongle that allows me to use lan cable directly from the GL iNet router.

I could also just open it up and disconnect the wifi module /antenna cables.

Bloutooth might be an issue? Anything else?

Edit , thanks for the replies . I can add that USB is somewhat restricted , a flashdrive won't work however my USB to Ethernet works , the dongle have other ports as well, the USB there won't work haven't tried the different sdard slots. So I am assuming that it's a software mod to deny storage only.

Checked out pikvm , seems cool but I don't think it will work.

Also fuck what shit is hard on a teltonika router EOL 2 years ago. Thought I knew shit :)

you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 11 points 2 days ago

It may be possible to disable WiFi in the UEFI firmware as well.

[-] [email protected] 6 points 2 days ago

Maybe , however I doubt it it has all the lockdowns from corporate. Question is what boobytraps exist , 1 if boot setting are changed or if 2 physical opening of laptop to remove wifi module / antenna cables

[-] [email protected] 5 points 2 days ago* (last edited 2 days ago)

I would run the tunnel from the local travel router (just another GL iNet one I guess) to your US wireguard server, and make sure nothing can route anywhere if that tunnel drops!

Disconnecting the antennas is undetectable remotely, but the card will still sometimes pick up signals I think. Maybe a non-conductive faraday cage/bag/material can be wrapped/taped around it to make the odds very low.

Removing the card entirely can theoretically trigger a TPM holding eg BitLocker keys to reset and make the drive unable to be decrypted without the recovery key. Save your recovery key within the OS if it'll let you. If you can't, from my research it doesn't seem like TPMs generally reset over Wi-Fi cards going missing.

[-] [email protected] 4 points 2 days ago

Interestingly, it does look like you can monitor and change bios settings using PowerShell; however, I'm not sure someone would go through the effort to actually monitor those settings. Endpoints like a laptop are disposable to a large enough organization. They do not want to baby the devices and micromanage each one of them, if troubleshooting an issue is going to take longer then just replacing the device, they'll likely just replace it. Getting into the weeds of monitoring the bios of every end point for changes just seems like a huge waste of time. However, I could see them password protecting the UEFI, in which case cracking open the device and disconnecting the Wi-Fi module is your best bet. I doubt they'll be monitoring for that as well. Opening the device shouldn't raise any hairs because people already beat the shit out of their devices as it is.

this post was submitted on 29 May 2025
25 points (100.0% liked)

technology

23784 readers
129 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]