I work on a corporate laptop that has an infamous root CA certicate installed, which allows the company to intercept all my browser traffic and perform a MITM attack.

Ideally, I’d like to use the company laptop to read my own mail, access my NAS in my time off.

I fear that even if I configure containers on that laptop to run alpine + wireguard client + firefox, the traffic would still be decrypted. If so, could you explain how the wireguard handshake could be tampered with?

What about Tor in a container? Would that work or is that pointless as well?

Huge kudos if you also take the time to explain your answer.

EDIT: A lot of you suggested I use a personal device for checking mails. I will do that. Thanks for your answers!

      • SnotBubble@lemmy.mlOP
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        It’s good to know that they can’t bypass wireguard or Tor. I was a worried about that.

        As others have suggests, I will probably use a separate device to check my mail. That seems the safest and fairest option both from the company and my perspective.

    • SnotBubble@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      I tried opening a browser in a Docker container and but couldn’t browse any site except google because it didn’t recognize the CA authority.