Okay then #Microsoft #CoPilot + PCs #CoSoSec
Microsoft AI “Recall” feature records everything, secures far less
How the new Microsoft Recall feature fundamentally undermines Windows security
With Recall, a CEO’s personal laptop could become an even more enticing target for hackers equipped with infostealers, a journalist’s protected sources could be within closer grasp of an oppressive government that isn’t afraid to target dissidents
"So, threat actors gain access to devices. That happens every day on home PCs, and corporate systems. Currently, they steal browser credential stores and clipboard data.
With Recall, as a malicious hacker you will be able to take the handily indexed database and screenshots as soon as you access a system — including 3 months history by default"
Microsoft are about to set cybersecurity back a decade by empowering cyber criminals via poor AI safety.
(Scroll up)
https://cyberplace.social/@GossiTheDog/112531054138802168
UK watchdog looking into Microsoft AI taking screenshots(the article Microsoft lied in and bbc tech journalist believed the lie) 🤷♂️
Microsoft’s Recall Feature Is Even More Hackable Than You Thought
James Forshaw, a researcher with Google's Project Zero vulnerability research team, published an update to a blog post pointing out that he had found methods for accessing Recall data without administrator privileges
https://www.tiraniddo.dev/2024/06/working-your-way-around-acl.html
“Damn,” Forshaw added on Mastodon. “I really thought the Recall database security would at least be, you know, secure.”
https://infosec.exchange/@tiraniddo/112566044174482506
More here:
https://www.wired.com/story/microsoft-windows-recall-privilege-escalation/
on the Microsoft blog the Vice President of Windows and Devices, Pavan Davuluri, released new information & updates on Microsoft Recall citing that they 'have heard feedback' on Microsoft Recall and have decided to make some changes to how it operates.
Update on the Recall preview feature for Copilot+ PCs
You can now choose whether or not you want Recall active during installation. It is no longer active by default - "Windows Hello" enrollment is now required to enable Recall. A "proof-of-presence" is required to view and search Recall
- Recall is now implementing additional layers of protection – it is decrypted in-real-time with Windows Hello Enhanced Sign-in Security (ESS). Data is only decrypted when a user authenticates it. Search index is all encrypted.
#Microsoft recall how it all unfolded and made the company stop in its tracks and take notice of all the criticism and concern and ultimately stop what they were doing and change it ALL
Microsoft cancels universal Recall release in favor of Windows Insider preview
https://www.theregister.com/2024/06/14/microsoft_recall_release_delayed/
@ecksmc It's getting harder & harder to keep your data safe. The value proposition of using computing tools is vanishing.
@ecksmc 
siiiiigh
Fugging microsoft, ffs…..
@ecksmc
Never mind the fact that I keep trying to kill it on my system and they keep shoving it back down my throat with every update.
@Beerdini sounds like you should try Tiny11Builder - Tiny11Builder is a third-party script that can take a Windows installation ISO, which you can get from Microsoft, no clutter.
https://counter.social/@ecksmc/112333875885916544
using this tool and you'll have a truly clean installation: You will not be prompted to create a Microsoft account, or even to sign in using one, and there will be no Microsoft services other than what you need in order to use the operating system
😆