> like it's a huge inconvenience to just bring a personal phone to work

It's not inconvenient to bring a phone, but it is very inconvenient to have to conduct personal business on a phone rather than on a laptop.

Nonetheless, I agree that it's a bad idea to conduct personal business on an employer-owned machine.

But I don't want to pretend that it's super convenient to have to carry a second laptop, either.

> I've always, throughout a 25+ year career, kept personal business on personal devices and work business on work devices, and never cross the streams.

Interestingly, I have a similar career and I have never ever split personal and work businesses on different notebooks/phones. On the other hand I would never even consider working with a company that monitors my screen or has insight into the computer I'm working on.

In the years before the subprime mortgage meltdown, I was writing code at a massive bank. Didn’t have an iPhone yet and Gmail was blocked on the work computers, so I’d step across the street during the middle of the workday to sign into a law school library and use their computers to check my personal email. A lot of friends still didn’t want to spend money on per-message SMS fees so I could find out if anyone was inviting me to do something after work in my Gmail inbox (a lot of us used Gchat in those days but the only way I could access it was on a desktop/laptop, no mobile yet).

I agree that these days it’s vastly easier to avoid crossing streams since we all have a personal mobile smartphone.

I did find this odd at first too, but then I realized something: it's a pain to maintain a device. Customizing it to the way you like it is not only a waste of time, it's tedious and never ends in an age where defaults are often adversarial to your interests. It's enough work taking care of one pet/kid, you might not want another.

Now I'm a nerd and I went through a realization that I should treat my devices as 'livestock not pets' and went to the trouble of building a NixOS config so that I can have two or three machines that all behave the same. But that's its own labor and still doesn't solve the phone problem. Or the fact your employer won't provision you a Linux with root.

Living by this personal/business separation is probably something most folks would aspire to, but technology as we practice it conspires against them.

I’d note that my concern with Meta tracking my keystrokes isn’t that I’m mixing work with personal but that Meta is an intensely metrics driven culture with KPI optimization fixation (iRev is the heart of all their decisions, even at the cost of doing things that are clearly wrong, likely illegal, or immoral). The place is a pressure cooker of performance management and while this data likely is used for model training, there’s zero chance it’s not also going to be used to measure your relative performance and determine when to fire you because you aren’t conformant enough with whatever bizarrely poorly thought out metrics some VP pushed some director pushed some M2 to conceive of then everyone nods and signs off on as long as they can wave a data scientist at it to say “statsig,” with the ultimate goal of producing a classifier that can automate the process of end to end reviews (how do you really do a 50:1 IC:Manager ratio without performance review automation?)

They’ve already structured the model to be a binary classifier - every six months they’re going to let go 10% for performance, and they are flattening the performance range in the upside to show no signal. They billed this as a great thing for ICs because they won’t have to compete for classification and there’s no bubble zone of impeding doom, but they gloss over the top grading range went from 10->15% per year (in 2025) to 21% (as the 10 percent twice a year compounds) performance cuts, and they try to hide the fact LLMs will be doing the reviews for managers (not to mention a 50:1 IC to manager compression implies letting go 80% of managers - so the managers are now in full on squid game mode using ICs as meat shields).

So I think the “will they see my personal stuff” is not at all what is going on inside the mind of meta employees. It’s the fact they’re being fed into a stochastic parrot wood chipper.

I'm the exact same way. If it's a work device, I'll literally never use it for something personal. Why give them any ammunition? Plus, laptops are so thin these days it's not really a burden to pack two, or use a phone like you said. It's one of those things where it almost certainly doesn't matter... until it does.

I do the same. Its very easy today with portable devices and plentiful mobile data. I have my personal phone and personal laptop, connected to mobile data, for lunch breaks or the odd search I need to do during the workday. My work laptop and associated accounts are strictly for work activities and information.

Edit: From what my employer has explained, they do not have a live-view of our workstations. They can (and have) changed Google Workspace or Microsoft account passwords in order to access the accounts for internal investigations or sharing in the case of a criminal investigation. Of course, once they have the work device they could do forensics on the work device. They also have security logs from badges and alarm codes and video from security cameras in public areas.

I also find this weird. Even though the companies I worked for didn’t have any crazy rules or restrictions (never had phone from work), but I never used my work laptop or computer for anything personal. I have friends doing their own side projects on theirs. Even though in the countries where I worked/work they have to let you know what they track if they track, I still remember one of my contracts that stated that any work done on the work computer belongs to the company. That’s why, even if maybe it’s not legal for them to say that, I never ever used any subscriptions, hardware or tools provided by my employer for personal use.

Objectively I've always viewed this as the right approach, even just from an organization perspective. It's been something I haven't really adhered to in practice due to employers being pretty friendly with their tracking/policies while I've been there. It makes offboarding from a company way more disruptive when I have to remember to save my tax documents from the work laptop before I turn it in.

I do view it as having a certain level of discipline around work, and I think that can trigger a bit of insecurity leading to some of the hostility in replies you get to suggesting it as a pattern of behavior.

Above all else, don’t work on personal projects on work machines. Even in California, with decent worker protections, that’s enough to potentially give your company ownership of your personal projects (because you developed them using your employer’s resources). Especially if you think there’s a nonzero chance your job would find your personal work useful or financially worthwhile, keep that stuff off your work laptop.

Agree with this. The > the organization the > the big brother dystopia. Big corps that say use outlook will ask for admin permissions on your cell which include delete access, reading media, etc if you want to use teams/outlook. So i never opt in. Probably good for work life bal. They can call me in emergencies.

I fully agree with you.

I think large majority on HN works in cool startups without IT rules that could even cost their job when failing security assessments.

Another one, there is no cowboy instalation of dependencies, the CI/CD servers can only talk to internal nexus, jfrog,...

Especially because many employers use security tools that log your activity, including keystrokes.

Which means your keystrokes (passwords, cc numbers, anything you type on your work laptop) may now be sitting in clear text in logs somewhere.