Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
doublepulsar.com
Q. Is this really as harmful as you think?
A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There’s no way this implementation doesn’t end in tears — there’s a reason there’s a trillion dollar security industry, and that most problems revolve around malware and endpoints.
You are viewing a single comment
Did you read the article?
This system basically do a character recognition on EVERYTHING the user is displaying and save the results in a very small file not that well protected.
The data is very small (I guess because it's basically text?), seems easy to find. That means the history of all you did on your computer (apparently only for the last three feays by default,but well...) can be stolen at once, in a minuscule file.
I'm not an IT specialist, but I don't see in which world this can remotely be a good idea...
As I understand not everything will be read and stored, storage will be encrypted. We don't even know what exactly will be stored and everybody here is losing their mind.
We already have a lot of sensitive information on our computers and nobody is panicking.
I guess it's hard to get used to new stuff. Or maybe Linux users are afraid that their favourite system won't be able to compete anymore.
Based on what Microsoft themselves said we know: everything will be stored (except edge private session...). They specifically say they don't do content moderation: they log everything.
Did you read the article?
As a windows user I'm not delighted by this.
Edit: at this point you must be trolling...
If you are so afraid, you can just turn it of. You are aware of this are you not?
OK if you think I'm trolling, why did you answer?
I give you the benefit of the doubt you are a reasonable person who can go beyond their emotions of a feature of an os. And the emotions this article stirred.
You didn't read the article.
We do know the answers to these questions. And if I can use a 2 line script to exfiltrate all your screen data for days/weeks in under a few MB of data.
So better hope you, never, ever, ever run unauthorized or malicious code, because now it basically has a honeypot of top priority data, always stored in a known location and compressed for easy uploads.
What kind of malicious code would be able to do that?
Do I have to continue or do you think you could actually read the article for the rest? It's clearly a bigger deal than "linux users mad because windows better" and your poor excuse for a troll just makes it look like you're too stupid to read the article laid out in front of you. Well, now you have no excuse so get good.
Sorry I don't take everyones word as truth. This guy is just one guy. One guy against the whole Microsoft corporation whose entire fortune depends on this not to fail in the way he said it certainly will. Absurd.
Lol you're hopeless.
Lol you believe everything lol.
Have fun with that.
I will, together with 1.4 billion people who will do the same.
Oooooh scary.
I'm not surprised you are scared, considering what puts you into panic.
Lolololol try harder loser.
Then don't believe one guy, read the other reports on the feature, or the reports from Microsoft's BUILD conference that confirm these details.
It's stored in the appdata folder in plaintext.
Encryption at rest is meaningless if you get infected with spyware.