Ok. Rumor has it that corporate has now started more actively using Vericept on our corporate build laptops.

I REALLY don't understand how as a consultant we are supposed to separate personal from work life when we are on the road away from home the majority of time.

So I've just started running VNC to my machine at home. Next its time to try and tunnel everything from SSH.

I was wondering if any FTers have any experience on how VNC works when tunneled through SSH. I don't plan on doing anything intensive. Some IM and access to my online banking etc.

It will be appreciably slower than what you're used to on your desktop, but usable for the casual uses you describe.

Have you considered putting XP on a bootable flash drive and just booting off that? That way you'll be totally isolated from whatever they give you... Keep in mind that even running vnc/ssh on a Vericept PC will have some stuff logged; they won't be able to see exactly WHAT you did, but doing something to evade their logging will be reason enough to question what you are up to...

well booting off a flash drive would be a PITA everytime i just want to do something, but I suppose that is one route.

Are usb 2.0 drives bootable now?

also what is Vericept going to see? I'm just having display information sent back to me and my keystrokes are going encyrpted over to the remote display.

Any i could always put the ssh on port 443 etc.

I'm not trying to feed secrets to the enemy. if they don't want my stuff on the laptop then fine, i don't want them looking at my stuff anyways. i guess I want a sandbox and VNC is the first thing that i thought about.

if there is another instant on method that would be great.

i thought about two laptops too, but that is a total PITA week in and week out plus at my current client, they lock each switch port to a MAC address so each computer is registered to a switch port.

ask me how i know ##$@(*$#@ I accidently shut off my co-workers port by plugging in my laptop to his port. boy was he happy.

so bringing a ibook into the client site to do what? oh...so my company can't monitor my IM with my friend so we can decide where to meet up for dinner..grr

I also thought about VMWARE and I don't think Vericept would be able to look at that either, but I have a slow laptop and it sucks resources and I would have to build a new environment.

Actually scratch that. Vericept would be able to see the communication coming out of the VMWARE OS.

A couple of thoughts... first of all, if your laptop has a bootable CD or DVD drive, you might consider using some sort of "live CD" for personal stuff. A live CD gives you rapid access to a complete operating system and applications, without having to install any software, and without ever needing to access your machine's hard drive. Since it can function completely independently from your regular operating system, it's almost as good as having a second computer.

There are many premastered live CDs to choose from. A good one to start with is KNOPPIX. This is Linux-based, and uses filesystem compression to cram about 2GB onto a regular CD. There's also a DVD version with a lot more. When you boot this thing, it auto-detects your hardware, and attempts to configure networking using DHCP. I.e. it does more-or-less The Right Thing in hotel rooms with wired Ethernet connections. Don't worry--it supports most of the common wireless stuff, too.

Typically, I'll start it up with a command like
�California is home for me; I believe the English-language version defaults to Eastern time.

�KNOPPIX, unfortunately, uses the horribly bloated and slow KDE unless you override it; IceWM is very reasonable, and will seem quite familiar to anyone used to Windows.

As for VNC's performance, you can only really determine if it's going to be acceptable by trying it. Note that there are alternatives to the original VNC. For example, TightVNC is a derivative optimized for slow(er) connections. You might also take a look at the commercial product NoMachine NX. The NX client is free; they make their money off the server. Of course, there's a free server available.

VNC has competitors as well; for example, if the machine you want to access is running Windows XP Professional, you should be able to use a Remote Desktop Protocol client to do things the "native" Microsoft way.

In any case, if you're using any sort of remote access technology that does not provide its own security (which is the case with all of the free VNC implementations I'm familiar with), you'll definitely want to tunnel through SSH or use some sort of VPN layer. And keep that USB flash drive handy.