Meow.tar.gz 
Since I work for a bunch of fascists, I've decided I need to take some extra precautions with my personal laptop. I will be encrypting everything but the /boot partition. I've also disabled the wired network interface. We are allowed to use our own personal laptops at work for fun but we connect them to an open wireless guest network. Just to be absolutely sure I am not being sabotaged, I disabled the wired interface module so some asshole won't get any bright ideas.
Misuse Case@ablackcatstail Can you use a VPN on your personal laptop? Do that too if you don’t already.
Tyler@MisuseCase @ablackcatstail was just going to suggest this!
@MisuseCase @intrabyte They block most of the ports. The only tcp ports open are 53, 80, 143, 443, 465, 993, 995 and udp 53. Everything else is locked down tighter than Alcatraz. I'd have to run a VPN over one of the TCP ports. And even then, I am guessing deep packet inspection will reveal that the headers don't look like they'll match the port protocol. I'd use my phone's hotspot but I needed to pair expenses back.
@ablackcatstail @MisuseCase I'm not an expert, but something like Wireguard may be better suited than a traditional VPN implementation.
@intrabyte @MisuseCase WireGuard uses UDP which is definitely better for VPN performance. However, all UDP ports with the exception of 53 are locked down at my place of work. Therefore, I'd need to use something like OpenVPN which supports TCP tunneling. I might be able to encapsulate UDP traffic within TCP using udptunnel to improve performance but I haven't ever used that software before.
@ablackcatstail @intrabyte Check out ExpressVPN, I don’t know exactly what they do but I use it on my personal devices and I like it a lot.
@MisuseCase @intrabyte I do my own VPN. I don't trust corporations not to do what's in their own best interests.
@MisuseCase @intrabyte Also using a VPN is just one layer of security when you need a layered approach. VPNs protect traffic in transit. I still need to implement full disk encryption on my laptop, especially since it sits on a government open community wireless network. I may have a colleague or two that might get curious about my laptop and try to use it when I am not at my desk.
@MisuseCase @intrabyte Also, I need to implement a MAC address randomizer.
@ablackcatstail @intrabyte Well you said you were already doing that, which is why I didn’t mention it.
I also use full disk encryption on my personal computer and if I’m in a public place I lock it whenever I’m not using it.