Microsoft 365 now tracks you in real time?

Posted by imalerba 7 hours ago

Microsoft 365 now tracks you in real time?(ztechtalk.com)

347 points | 269 commentspage 3

dehrmann 6 hours ago|

> Teams on Mac

> And obviously, the mobile app (your pocket spy).

Don't these ask for location permissions? This story is light on details.

bri3d 6 hours ago||

The roadmap feature is light on details too: "When users connect to their organization's Wi-Fi, Teams will soon be able to automatically update their work location to reflect the building they're working from. This feature will be off by default. Tenant admins will decide whether to enable it and require end-users to opt-in."

I found a lot of news stories about this dating back to where it showed up on the roadmap in early 2025, but none of them with any more implementation details (ie - is it using _only_ WiFi network name, or some other data too?)

entuno 6 hours ago||

The Teams Android app just asked for location permission today for me for the first time. And got denied.

palmotea 6 hours ago||

> Microsoft confirmed that starting March 2026 (delayed from January), managers will be able to see your real-time location. And no, disconnecting from the office Wi-Fi won't save you.

Is there anything more than the Wifi SSID stuff below?

> If you connect to a Wi-Fi network that isn't your company's, Teams will simply display the name of that network. So if you decide to take a "working lunch" and connect to "Starbucks_Guest_WiFi", your boss sees it instantly. You can’t hide behind a generic "Remote" status anymore.

So how exactly does this work? It'd be pretty trivial setup my access point to provide a work SSID? How much access does Teams really have to get info to discern your location?

iso1631 6 hours ago|

SSID, signal strength, BSSID, private IP, public IP, ipv6, all trivially available to a binary running on a machine.

It sounds far less than the diagnostics data I get from a small go binary.

If corporate policy is you can't connect to starbucks wifi, then enforce that at the MDM mangement layer - I assume things like SCCM can do it.

palmotea 6 hours ago||

> SSID, signal strength, BSSID, private IP, public IP, ipv6, all trivially available to a binary running on a machine.

So it sounds like if you want to circumvent this: get a travel router that spoofs a work access point, and make sure any kind of identification requests that would reveal a public IP are either blocked or are going through your work VPN.

PunchyHamster 5 hours ago||

running it in a browser would be enough, no ?

palmotea 5 hours ago||

If it's only just the teams app that's doing it, but I'm not sure if that's a safe assumption. There's a crap ton of Microsoft stuff installed on my laptop by default, and the IT admins install stuff all the time.

antaviana 6 hours ago||

When I started working at a time with no mobiles and no remote, calling or being called to the office for personal reasons was seen with disrespect from your coworkers. At work you were supposed to be working, and outside of work you were supposed not to be working. Pretty much as in the Severance series, but without the forgetting. With mobiles and connectivity, everything changed, I'm unsure if for better. Now you can work 24/7 or slack all day as if there were no tomorrow.

storus 6 hours ago||

It seems like the worst practices from Trilogy/Crossover are leaking all over the industry. First the crunch at all times at FAANG, next tracking everyone in a few minute intervals, ending up with real-time video tracking at all times, all spawned by the desire of inept top management to run software development as a manual factory with predictable assembly lines and not an intellectual pursuit.

re-lre-l 6 hours ago||

In my opinion, if I want to install any work-related software on my personal devices, it means I’m so excited about the job that I honestly don’t care whether a manager sees where and what I’m doing - just as a manager usually doesn’t care either. I mean, there’s no reason at all to install anything on personal devices unless you actually care about the business.

n3dm 5 hours ago|

What is your opinion about installing M$ Authenticator or any other mfa software?

mystifyingpoi 5 hours ago||

It's a good question. At work, we were given an option: install non-intrusive authenticators on your personal phone (you are free to disable their notifications fully, and you get some extra money as reimbursement) or you are given a company phone (that you have to carry to work and back, have to charge and update etc). Most non-oncall people decided to pick option 1. Oncall people picked option 2.

assaddayinh 6 hours ago||

Society feels like a prison and the warden is watching.

salawat 6 hours ago||

This is exactly the end state we'll end up in unless the technology sector starts saying no to implementing the tools of petty tyranny.

Hint: Bossware and most things the MBA's drool over.

Unfortunately, there's enough people out there that are fine with implementing said features if it means they get a paycheck; even if it ruins the world for everyone else.

assaddayinh 4 hours ago||

All defectors

copilot_king 6 hours ago||

[dead]

aquir 6 hours ago||

So looks like feature is not working in the web client? One more reason to to use that instead. Also, I will uninstall Teams from my phone for sure.

assaddayinh 3 hours ago||

How could you hack this? Like spoofing a company hotspot to your phone, that just mysteriously blocks you?

mixmastamyk 6 hours ago|

Mr. Doctorow calls this “Bossware.” ;-)

More comments...