this post was submitted on 04 Jun 2024
800 points (98.9% liked)
Technology
59629 readers
2866 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Honestly even if Microsoft were trustworthy this is too much power for anyone. I actually like the recall feature but it would require a fully open source code to trust.
I feel like even if it was open-source, it would still be too big of a target for malware and data exfiltration to ever be justified for most people.
It's a national security risk https://www.helpnetsecurity.com/2024/06/05/totalrecall-windows-recall-abuse/)
"During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.”
Even with a fully open-source implementation, that thing tells on you more than normal system logs. I like it being called "privacy bomb" - waiting to give extra data to whoever gets into the computer.
Unfortunately by the time a service does this they've already got you by the balls and they know it. This is essentially Microsoft telling the world "what are you gonna do, not use Windows?" Because for most of the world that's not really an option.
Trustworthy Microsoft is an oxymoron