1018
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. (doublepulsar.com)
submitted 2 months ago by Stopthatgirl7@lemmy.world to c/technology@lemmy.world
221 comments fedilink hide all child comments

Q. Is this really as harmful as you think?

A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There’s no way this implementation doesn’t end in tears — there’s a reason there’s a trillion dollar security industry, and that most problems revolve around malware and endpoints.

you are viewing a single comment's thread
view the rest of the comments
[-] A_Random_Idiot@lemmy.world 28 points 2 months ago* (last edited 2 months ago)

I cant believe they are including this in enterprise edition too.

They usually keep their dirty spyware out of the enterprise editions to avoid losing corporate clients who dont want their secrets easily pluckable.

[-] sebinspace@lemmy.world 11 points 2 months ago

My hospital will be freaking the fuck out about this right… about…. Now.

[-] andrade@infosec.pub 10 points 2 months ago

Maybe in the future it can be used by managers to keep an eye on what their underlings are doing at all times. I suggest calling the manager's remote version Microsoft Panopticon.

[-] ezterry@lemmy.zip 4 points 2 months ago* (last edited 2 months ago)

Ask yourself what this feature is actually useful for. Ignore the concerns of privacy just what can this really do.

Its not really needed for copilot, if it wanted to capture what you were doing it would directly update the internal model, no reason for the slide show of your action.

No besides wasteing disk space this is for:

  1. Gaming youtubers to get a screen shot of something when they were not recording
  2. Some screen shots of history when searching not better than the file/website preview really
  3. Tracking and logging what the end user is doing so when audited by the manager/it they can use it as proof you are not doing it right/are inefficient /should ve fired

By all means a company can disable this in policy im sure, but its for the enterprise not the end user. (and yes stored locally, but if you delete the laptop when they want to inspect it that likely is all the excuse they need)

[-] tidaL@lemmy.world 1 points 2 months ago

Benefit to my org is getting billers to look for untracked time, which would equate to some percentages of revenue increase in my opinion.

Just need to balance it with security concerns..

[-] ezterry@lemmy.zip 1 points 2 months ago

enable for roles with more locked down PCs and tasks the companies hope to automate, and disable on more core mission critical IT..

this post was submitted on 01 Jun 2024
1018 points (97.9% liked)

Technology

57438 readers
5450 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world