@Fast-Nop No, but when the public interests of keeping company secrets secret, outweigh a single employee's private life.

Ergo, everyone against you.

We are not talking about "Johnny's manufacturing" now, they would never be allowed to do that, but a big big corp.

@Fast-Nop In sweden its not irrelevant. The law is the same, but circumstances are different. The law in sweden states under the right circumstances you are allowed to do that.
And for a big corp with a large "public footprint" (Company important for the society), they get certain protections and rights.

In the same way politicans gets lifeguards.

Not who you are allowed to talk to - thats unjustfiable.
But they can state who you are NOT allowed to talk to (ergo blacklisting certain people - if you talk to them you are assumed to have leaked company secrets).

@lbfalvy Of course. But how do you check a brain? Thats the problem.

If the company secrets are so big so its unfeasible to keep them in brain, then you can't justify poking and enforcing rules during free time.

If the secrets are feasible to look at, remember, and then carry out inside a brain, tnen the problem is bigger, and it can be feasible to enforce certain rules during free time - including who you aren't allowed to talk to.
But the rules in itself must be justifiable and feasible too.

@Fast-Nop Of course its not justifiable for commercial interests. The interests must be stronger - like you can put up a camera to prevent crime like theft.

Stealing company data is a crime. Survelliance on a employee to prevent stealing company data is justified.

But as I said, the threshold is very high before you are allowed to poke into employee's free time. You must be a BIG corp, and have justifiable secret information, that the employee have access to.

A little indie game developer will never justify that, even if they have secret data, because their secrets aren't secret enough in a "public interest" scene.

@Fast-Nop You can work elsewhere, just not so you compete with your previous employer.
Its because you can carry previous customer's phone numbers in head and "steal" those customers.

Sometimes they even give you "first in line" (bypass queue) to a new workplace which is not a competitor or related work, to cover these 10 years.

@lbfalvy Its nothing stranger than they are allowed to check your pockets so you aren't stealing things off the workplace (exit checks).

But its kinda difficult to check a brain so youre not stealing intellectual property or even secret information off the employer.

So based on the nature of the information used in the workplace (and how "easy" it is to carry inside brain, ergo remember) the employer has the right to enforce rules 24/7.

This for 2 reasons.
1 - so you are not by mistake leaking company property.
2 - If you leak, you cannot claim it was a mistake - hey you broke a rule.

Same with "no forklifts here". If you drive a forklift there and cause a accident, you cannot claim it was a mistake.

@lbfalvy Here in sweden we have something called proportionality, meaning such rules can be justified but only if they ARE justified.

For example, if you work for a sensitive company, they can prohibit you from working with a competitor or starting up a similiar business like 10 years after you ended employment there. And it would pass the court.

But if you work as a cashier in some random grocery store, and they would try to put such things in the employment contract, it would be invalidated in court - because its not proportional or justified.

Same with IT rules. Logging which websites a cashier visits during break on work computer vould be unjustified. For a cashier only justifiable to log ehat happens with the money in the cash register kind of. Logging which websites visited at home for a guy that does have unfettered access to tousands of credit card numbers - justifiable.

@piratefox they havent dropped security updates. What I understand microsofts announcement as, is that they will not specifically create a security update for a hole that only exist on non-TPM computers, or a processor vuln (like spectre) for a depreciated processor.

But if a security update exist, u will get it.

@iiii yes in stable version

Would say that depends. If you work for a indie game studio, not resonable.
If you work for military defense, I would say its even resonable to put a keylogger on your home computer and cameras on your toilet, and enforce the work rules 24/7.

Then there is the whole scale in-betwen.
So what your employer can enforce on your free time, depends entirely on how sensitive your work is.

<3 nano <3

@stop It will maybe stop some spam, but also many legitimate mail. So much servers and software out there that are half-broken.

This solved most spam problems for me:

acl_check_mime:
deny
message = no spam here
mime_regex = (?i)https?:://[a-z0-9]+\\.su : (?i)https?:://rambler\\.ru
accept

note that it SHOULD be double colon as this decodes to a literal colon in exim4's regex language, same with double backslashes. (normal colon is item separator)

@irene I know but the owner don't want to buy a new PC, and I have to do the best. Also set pagefile to 16gb, and using a SSD I had laying around to atleast get somewhat manageable speeds.

Try it at least...

I have it installed. Whats wrong with it?

@FrodoSwaggins agreed. But country TLDs (ccTLD) are bad to ban, most local TLDs (.se, .eu , .nu etc) requires local verifiable presence so harder for spammers to get.
before .eu was open for everyone, but now only for EU citizens, so eu is (no longer) a spam source.

however, these new gTLDs are internet cancer... Or high-capacity spam pumps.

@HAlex SERIOUSLY did google buy a domain from a spammy TLD....

@Linux why not? I mean, .xyz is dirt cheap so spammers buy them in bulk... like CheapMedications.xyz, DoctorOnline.xyz and so on (only made up these names but you understand).

Best solution when multiple server softwares need to access the very same private key for an Lets Encrypt cert, instead of having one copy of the private key for each server software:

chmod 777 server.private

I dont really care about permissions - if they become a problem, I just 777 the culprit.

Better with a super hard inpenetrable shell around the server with firewall, IPS, WAF etc instead of having lots of security on the local server.

@lotd Its better to drop than reject, because with reject you tell theres something there. And better to do it via iptables rather than binding to specific interfaces.

better solution is to block SSH access unless from trusted IPs.
Or atleast geo-lock it from the country you live in.

Download a iptables list here:
https://ip2location.com/blockvisito...

change -j DROP into --dport 22 -j ACCEPT using search/replace

remember to put fail2ban before if you still want to use it.

@JFK422 Because linux isn't suitable for day to day computing. I love linux, its great for specialized computers for example a kiosk computer in a store, a server, a automation system, ticket machines, network equipment, terminal server (where employees can get a temporary session via VNC) etc.

But for a normal work computer, Windows 10 have better support for Microsoft's proprietary file formats and protocols, and have a wider compatibilitys with other software.

ooh asked the boss for an extra table.. he fixed it.only 16 laptops left (+ the 6 ones on the table) to eradicate windows 7 from and install Windows 10.

(picture got upside down because of my phone)

@StazC they anonymize the data with a unique id before selling.

@StazC I know that microsoft collect data, but since microsoft is a trusted company, I don't mind them collecting data.

@StazC w10 is not spyware since Microsoft is a trusted company.

@StazC w7 = rotten. w10 = fresh.
Many sites don't work in IE but in Edge.
why install linux? they have valid licenses, then its w10 that makes them great.

@neriald How is Windows 10 garbage? Its the best OS ever created, with builtin antivirus, firewall and Edge browser.

Here is another pic Pretty cute? My table space ran out because theres a LOT of laptops to eradicate 7 from and do Windows10 on.

@Aitkotw eeh? The top laptop is leaning aganst the armrest and the screen of the 3rd laptop on the bottom.