Microsoft Recall has been a dumpster fire since it was announced. It was seen as a privacy nightmare. Then a security researcher found how insecure it was. Since them, it has come to light that the situation is even worse than previously thought. I would recommend reading this article because it’s just mind blowing.
In any case, I guess that this all became too much for Microsoft who posted this blog post on Recall:
Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.
- First, we are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall. If you don’t proactively choose to turn it on, it will be off by default.
- Second, Windows Hello enrollment is required to enable Recall. In addition, proof of presence is also required to view your timeline and search in Recall.
- Third, we are adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.
Now to be fair to Microsoft, these are all meaningful changes. But I have to ask the question that most people are going to ask. Why was none of this part of the original spec for Recall? That might have mitigated some of the blowback. On top of that, even with these changes, I wouldn’t recommend ever using recall. Just think of the nightmares that it would create companies who have this feature turned on and a lawyer knocks on their door as part of some sort of legal discovery process. Or how about a domestic abuser who is intent on going after their partner in any way they can. The risks are too great, and Microsoft has no fix for that. So you’re better off not using it as a result.
Like this:
Like Loading...
Related
This entry was posted on June 7, 2024 at 2:56 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Microsoft Backtracks On Recall Being Switched On By Default…. Not That It Matters
Microsoft Recall has been a dumpster fire since it was announced. It was seen as a privacy nightmare. Then a security researcher found how insecure it was. Since them, it has come to light that the situation is even worse than previously thought. I would recommend reading this article because it’s just mind blowing.
In any case, I guess that this all became too much for Microsoft who posted this blog post on Recall:
Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.
Now to be fair to Microsoft, these are all meaningful changes. But I have to ask the question that most people are going to ask. Why was none of this part of the original spec for Recall? That might have mitigated some of the blowback. On top of that, even with these changes, I wouldn’t recommend ever using recall. Just think of the nightmares that it would create companies who have this feature turned on and a lawyer knocks on their door as part of some sort of legal discovery process. Or how about a domestic abuser who is intent on going after their partner in any way they can. The risks are too great, and Microsoft has no fix for that. So you’re better off not using it as a result.
Share this:
Like this:
Related
This entry was posted on June 7, 2024 at 2:56 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.