Microsoft is reworking Recall after researchers point out its security problems

Spotlight7573@lemmy.world to Technology@lemmy.world – 503 points – Microsoft is reworking Recall after researchers point out its security problems
arstechnica.com

the company says that Recall will be opt-in by default, so users will need to decide to turn it on

95

You are viewing a single comment
View all commentsShow the parent comment

You're right, nobody should ever rely on external feedback for anything. 🙄

It should never have gotten to the external feedback stage because internal feedback should have been sufficient to kill the idea before it even got a name due to it being such a security and privacy risk. The fact that it didn't is worrying from a management perspective.

You're on Lemmy so I assume you're in a tech job, so honestly I'm surprised by your surprise.

Yea, if it's anything like my tech job the peons were raging about it in their group chats while every successive manager up the chain raved about how great it was and how much progress they were making to the guy above him and silencing any dissent.

Exactly, we are on the same page.

That's why external feedback is needed. When you exist within a hierarchy you can discount your "lessers". Everyone needs feedback. "They should've known better" is a fine thing to say but not helpful in a system as devoid of morality or hope as capitalism is.

I'm not sure I'm surprised at this point any more, just disappointed. All they have to do is just make a stable and secure platform to run apps on. They're going to run out of foot to shoot themselves in sooner or later if they keep this kind of thing up. Too many unforced errors.

You shouldn't need external feedback to know that putting security cameras inside bathroom stalls is completely deranged.

This is that level.

No, it's not. Check your priorities.

Yes, it is. Easily. It's that invasive.

It will record your porn if you use a functional browser instead of edge. It will record your nudes if you ever see them on your PC. And on top of that, it will also record all sorts of other sensitive personal information that can be used for identity theft if you just do basic shit like using banking websites. Looking at your passwords at some point in your life is also perfectly normal behavior, and it will expose that too.

This is more akin to you taking a picture of your own junk in a public bathroom stall. Or using face unlock while you're on the toilet.

Obviously nobody's gonna win in an internet argument but you should really take a look at the extremes with which you view this stuff. /Serious.

Only if your phone is moving that picture to a place that's very easy for anyone who wants to get.

The user is not doing shit. The operating system is massively compromising their expectation of privacy by packaging all their sensitive activity into an easy to grab and go bundle.

Viewing actual extreme behavior as extreme is how it's supposed to work. This is obscenely invasive.

Not storing this shit unencrypted was pretty fucking obvious dude.

Pretty straightforward systemic failure -- Dev team, I would guess, assumed full disk encryption would cover it, and nobody checked the assumptions. Or to rephrase: it was fucking obviously encrypted dude.

Derp a derp

Is this supposed to mean something? I'm old and not up to date on the new script kiddy slang.