SoylentNews is people
SoylentNews
Employers can ban employees from using work email for personal purposes, including union organizing, the National Labor Relations Board ruled on Monday.
[...] Federal labor law protects employees' right to organize without interference from employers. That includes a limited right to engage in organizing activities in the workplace.
[...] Labor-rights advocates have long argued that this principle should extend to workplace email systems. They point out that email can be one of the most efficient ways for workers to contact one another and discuss workplace issues. And they note that the costs to employers from added email use is negligible.
[...] The latest ruling focuses on the casino operator Caesars Entertainment, which has broad policies prohibiting employees from using its email systems for personal use.
[...] The law merely requires that workers be given some reasonable means of communicating with one another, the board held. The law already protects the rights of workers to communicate via face-to-face conversations and the distribution of literature. That gives workers sufficient opportunities to communicate to satisfy the requirements of labor law, the board ruled.
[...] The board's lone Democrat, Lauren McFerran, dissented from the ruling, arguing that the majority had misinterpreted the law. She argued that property rights weren't relevant to the case because Caesars had already granted its employees access to the email system.
Additional Source:
Shortly after Google staffers engaged in the largest mass walkout at any tech firm in the United States, the company quietly lobbied the National Labor Relations Board in the hopes it would roll back a decision that safeguarded the only way protesters were able to organize that action as quickly as they did: email. Unfortunately, Google's hope has become a reality.
https://gizmodo.com/disastrous-nlrb-ruling-adds-another-hurdle-for-tech-wor-1840491764
Previous Stories:
https://soylentnews.org/article.pl?sid=19/12/17/1948215
https://soylentnews.org/article.pl?sid=19/12/04/0029250
https://soylentnews.org/article.pl?sid=19/11/26/1411249
(Score: 2) by VLM on Thursday December 19 2019, @08:02PM (2 children)
Why bother with GPG if your employer has root access or equiv on your hardware? About as silly as demanding the use of the corporate SSL cert to keep your union organizing private.
(Score: 2) by hemocyanin on Friday December 20 2019, @11:38PM (1 child)
Why not store your private key on removable media? I've never tried that because I am the boss of my tiny little thing, but it would be better than storing it on computers your boss owns.
(Score: 3, Informative) by VLM on Sunday December 22 2019, @03:13PM
Then you end up with the traditional balance problem of do you trust a large consortium of mfgrs and browser authors and just buy off the shelf U2F hardware, or roll your own possibly correctly using plain old flash drives.
https://en.wikipedia.org/wiki/Universal_2nd_Factor [wikipedia.org]
There is an interesting in between solution where I read a detailed description of someone turning an arduino / teensy type board in to a U2F key. So you can trust your key... hope you can trust the browser software. Presumably a home compiled U2F application for an arduino would not have back doors.
Supposedly there's no master record of the keys burned into commercial devices from mfgrs. Supposedly. But if one existed then you could cut and paste it into an arduino emulating the U2F using existing arduino U2F code and away you go.
This also brings up the point that the easiest way to crack an arduino homemade U2F device would be the completely insecure machine and IDE that programmed it having the burned in key sitting there in plain text in the source code and on the drive and in memory etc. So to be serious you kinda need to program a homemade arduino U2F key then thermite the entire box especially the HD.
Hilariously the public arduino code, as I remember, used xor in some unwise way so another dude wrote an exploit to flip a single bit at a time of known plaintext and in about 256 rounds (or whatever) it could crack the key. So, as usual, doing crypto yourself is almost as dangerous as trusting the FBI/CIA/NSA/DIA. Choose your poison I guess.