Email or username:

Password:

Forgot your password?
evacide

"...a would-be hacker would need to gain physical access to your device, unlock it and sign in before they could access saved screenshots."

I've got some news for Microsoft about how domestic abuse works.

bbc.com/news/articles/cpwwqp6n

80 comments
Kevin Beaumont

@evacide also malware. Infostealers that access local password managers in browsers don’t need physical access, to unlock it or sign in - and they’re a huge problem.

skry

@GossiTheDog @evacide This sounds like employer surveillance ware that can also be abused by any family admin. I can’t think of any reason I would want such a thing, as a user.

Also, if browser password managers are insecure, we should be shouting that from the rooftops.

xyhhx 🔻

@skry they're not, and people do, but nobody cares. anyway to be clear: browsers' password managers are totally insecure.

good options include bitwarden or keepassxc/keepassdx (the former is easier, and a good option if you dont want to invest energy on your password manager; latter is more tedious but is strictly offline which may be preferable)

@GossiTheDog @evacide

skry

@xyhhx @GossiTheDog @evacide Thank you. I have never used browser password managers, but I rarely hear any advice to the public from infosec pros about not using them. (Same with antivirus.)

I like Strongbox’s user experience for Keepassxc on macOS.

Brian Clark

@GossiTheDog @evacide I don’t understand why anyone would want this at all. Besides the issues you both have brought up, this doesn’t even really make sense as a product feature

potpie

@deepthoughts10 @GossiTheDog @evacide It feels like the main demographic for all new features in tech are other tech giants and governments. I'm pretty sure the thinking here was, "okay the customer wants us to log user activity in screenshots... how can we PR that bullshit into a feature?"

SuperMoosie

@potpie

Next step, your company trains AI these images and uses that AI to replace you.

Employee leaves company, manager uses this to fill knowledge gaps.

Just wait for the corporate it tools that will be developed to "manage" " secure" and back up this data to the MS cloud.

Pete Wright
@GossiTheDog @evacide common it’s not like the average users computer is connected to the internet. And MSFT does have a great history of proactively protecting their users…
raven

@evacide@hachyderm.io i like how they try and imply that "unlock" and "sign in" are two steps LMAO nah this is DEFINITELY gonna be used by parents and abusive partners

Urzl

@evacide Or social engineering of any kind?

wrosecrans

@evacide

... as opposed to all the would-be hackers who have never thought to try to unlock a device and sign into it, or access data without proper credentials.

It's like Microsoft is just sort of taunting hackers to try and get it broken as quickly as possible for some reason. Is this feature being implemented because somebody lost a bet, or the NSA has compromat on Nadella, or what?

evacide

@wrosecrans This feature is being implemented because there were zero survivors of domestic abuse involved the high-level decision-making.

wrosecrans

@evacide I absolutely believe you there. But I still struggle to understand why it got implemented. There are a zillion other obvious reasons it's a bad feature that one would notice even if they weren't sensitive to that specific issue.

This is gonna have screenshots of HIPAA protected data. Trade secrets. API keys. Passwords. HR department PII. GDPR protected stuff. On and on and on.

Maggie Maybe

@wrosecrans @evacide yes thank you for this, I don’t have a G.I. doctor now because I refused to use zoom to discuss my medical problems because they got busted giving everybody’s information to Facebook. I’m not giving up my medical privacy. And now people who are forced to use the portal to communicate with their doctor have this extra level of surveillance.

mybarkingdogs

@wrosecrans @evacide Also, what I really don't get is the actual use case.

Why the hell risk everyone's security and privacy AND require far more space and processing power requirements (this is going to be a complete nightmare for gamers who run highest settings, even with the privacy issues aside - it will make these machines literally unusable for running high-demand anything)?

I just don't get it. Like WHY

wrosecrans

@mybarkingdogs @evacide Yeah, so far the arguments I've seen for it are just "You are an idiot and I'm assuming it's not really dangerous."

But, "We spent millions of dollars of R&D on making a perfectly spherical beryllium sphere for our new car model. It's not dangerous, it just takes up room in the trunk" would be a terrible sales pitch from a car company. That seems to be the strongest argument in favor I've seen so far, even if you accept the wrong claims about it not being dangerous.

Jennifer

@wrosecrans @mybarkingdogs @evacide I have been using computers since the first crappy ones where you had to use arrow keys to move the cursor. Not once in all these years did I ever wish for this stupid feature. Tech companies are going off the rails

violetmadder

@wrosecrans @mybarkingdogs @evacide

Absolutely nobody:
Big tech: "Good news everyone! We built another new Torment Nexus into all your computers!"

mybarkingdogs

@wrosecrans @evacide (also, since gaming, graphic design, animation, film editing, and other high demand graphical applications are reasons people use Windows machines - e.g. because their favorite game or the program/app they need to use won't work/work well on Linux ... this is going to shoot them in the foot even outside of privacy issues, by making slow, buggy machines unsuited for those uses)

Mike :nixos:

@mybarkingdogs @wrosecrans @evacide because we're in the AI gold rush where we have solutions looking for a problem

datarama

@mybarkingdogs @wrosecrans @evacide I think the actual use case is transparently obvious: surveillance data harvesting for further AI training.

wrosecrans

@datarama For right now, MS is insisting that it won't be used for training. So it seems to be some sort of long term plan to dishonestly insist that it's not what it is. So it's both something their users don't want, and something they are choosing to drag their reputation through the mud to lie about. Which makes me even less excited about the end state.

datarama

@wrosecrans I think they, like basically every other large tech company right now, is salivating about the prospect of creating AI that they can sell to other businesses so that they can get rid of their human employees.

If you have *that*, what do you need consumer trust for? Every enterprise in the world is dependent on you now, and you don't need consumers anymore.

(If they can pull it off is another matter. But it's clear that this is the dream.)

Misuse Case

@wrosecrans @evacide Nobody consulted a policy and compliance specialist about this. It’s shocking that Microsoft didn’t get input from at least one. This would violate a lot of data protection policies for many enterprise customers.

wrosecrans

@MisuseCase If I had to guess, the feature is not compliant with Microsoft's own legal department's retention policy, and Microsoft's lawyers are about to scream about the fact that if MS gets sued, the blast radius for document discovery just exploded if they don't disable it internally.

Andrew Zonenberg

@wrosecrans @MisuseCase I would be extremely surprised if this doesn't ship with a GPO to disable it.

(Also, MS not enabling group policy on consumer focused windows editions probably ranks alongside the Win8 start menu destruction as one of the worst design decisions they've ever made)

wrosecrans

@azonenberg Sure, but the biggest risk is to people and orgs that aren't executing infosec perfectly. Ooops we had a bad password policy multiplied by ooops we left Recall's GPO default.

In a hypothetical perfect IT environment where all GPO's and such are perfectly managed, Recall probably poses little risk to start with. It's only dangerous in the real world.

Andrew Zonenberg

@wrosecrans Yeah agreed. It's just one of 500 catastrophically horrible anti features that people will need to turn off to regain some semblance of a secure baseline.

d@nny "disc@" mc²

@wrosecrans @MisuseCase this was also the case for copilot which i'm pretty sure still has the CCPA violation extant among the claims in the class action suit for slurping up all code input including e.g. passwords and API keys but they thought they could get away with that via one-off modifications to hamper evidence collection so unclear why their lawyers would think this is any different

wrosecrans

@hipsterelectron

I continue to be fucking baffled by Copilot. I assume the engineers just fully lied to the lawyers in order to get legal to sign off on it.

I can't imagine a lawyer understanding the plan and being like, yup, let's just YOLO stealing at the courts and find out what happens. Could be neat.

d@nny "disc@" mc²

@wrosecrans i believe openai is being used as a front company to derisk breaking the law and they are playing a much longer game than just copyright but instead surveillance and monopoly go hand in hand circumstances.run/@hipsterelec

klausfiend

@hipsterelectron @wrosecrans It would be a massive boon to a central government to have a machine to harvest, collate, and analyze all citizen activity. Stasi would wet its pants at the thought of something like Replay.

d@nny "disc@" mc²

@klausfiend @wrosecrans had someone else advance my thinking on this just a few moments ago actually and now i'm completely with you circumstances.run/@hipsterelec

Olivier

@wrosecrans see recent Slack policy change: you've been using our software for years. We own you now. Good luck migrating to anything else, suckers.

P Stewart

@wrosecrans @evacide I'm pretty sure it's getting implemented because some credulously hype-tracking investors went "hey, AI makes the line go up, that means you *must* put more of that in right now, no other option exists."

JW Prince of CPH

@pstewart @wrosecrans @evacide Yup. It's FOMO in its saddest, most harmful form...

Maggie Maybe

@evacide @wrosecrans I can’t figure out why anybody would even want this feature. Like I appreciate that Word can be sent to automatically save the document you’re working on every few seconds or whatever so if you computer crashes you don’t lose everything.

But why would I want screenshots of everything I do on the Internet saved? If I’m in the middle of something and my computer goes down I can easily find where I left off using the history in my browser. Why would I need to dig up old screenshots of what I was typing on the screen five minutes ago or last week?

@evacide @wrosecrans I can’t figure out why anybody would even want this feature. Like I appreciate that Word can be sent to automatically save the document you’re working on every few seconds or whatever so if you computer crashes you don’t lose everything.

But why would I want screenshots of everything I do on the Internet saved? If I’m in the middle of something and my computer goes down I can easily find where I left off using the history in my browser. Why would I need to dig up old screenshots...

Nonya Bidniss 🥥🌴

@maggiejk Maybe they were trying to come up with some way to constantly feed their Copilot LLM. I'm trying to think of the most banal-evil thing here. @evacide @wrosecrans

SuperMoosie

@Nonya_Bidniss @maggiejk @evacide @wrosecrans

Screen shot every few seconds, train AI and company can replace you with AI?

Just wait for the 3rd party corporate it tool to manage ans leverage this data.

Nobody

@evacide @wrosecrans why does it not surprise me that us #domesticviolence #warriors weren’t heard or even asked about this. 😞🧘🏻‍♀️

wrosecrans

@nobodypsyd @evacide Because you would have said the lives of human beings are more important than the product lifecycle, and that's not what they want to hear.

rhempel

@evacide @wrosecrans I have to believe that there were many, many developers at Microsoft the said this was a terrible idea - I also have to believe that they were simply ignored because this was somebody's pet project.

:blahaj: Why Not Zoidberg? 🦑

@evacide @wrosecrans I have a strong reason to suspect that nobody thought about it because tech bros.

mav :happy_blob:

@evacide
There is also the more sinister possibility that there were and they just didn't care.

I think we significantly underestimate the number of people who operate exclusively in their own self-interest (which is to say, making money first, then everything else.)
@wrosecrans

Jon Anderson

@evacide Between Apple's AirTags being very good stalker tools and Microsoft releasing Recall, are they trying to one-up each other for who can enable domestic abuse the most?

enoch_exe_inc

@evacide Also, parenting. Respect for young people’s privacy has always been extremely low. This will annihilate it completely.

Maggie Maybe

@enoch_exe_inc @evacide Just in time for all the anti trans laws and for putting students on terrorist watch lists for caring about the genocide.

James Henstridge

@evacide I guess they've also never travelled internationally and had a border security agent ask to inspect their laptop. That's usually an "unlock the device or have it confiscated" situation.

Maggie Maybe

@jamesh @evacide oh no I’m sure this is part of why they did this. #GenoicdeJoe needs to lock up all his critics before November.

Stuart Celarier

@evacide Also clearing international customs and court-ordered discovery. Huh.

DELETED

@evacide They have a course on Coursera on Cybersecurity

DELETED

@evacide i wonder how many time it will need for stalkerware to do it remotely.

and god this feature seem completely useless in my mind like even i that log many thing i never want it to exceed 3 day.

And what about consensual intimate remote discussions i mean the AI will « see » and « recall » everything what if you forget to lock your device ?

Jimmy Hoke

@evacide Tech companies try not to enable domestic abusers challenge: impossible.

Nobody

@evacide say it louder for those in the back!!! 😞

Ash

@evacide Yeah, it's really kind of frustrating when the retort from someone like Raymond Chen is that "But the attacker is already through the air-tight hatch by then." That doesn't mean you should make their job easy, what the heck?

Irenes (many)

@ashteranic @evacide yeah there are many security topics where that's a sound principle. the domestic abuse threat model is not one of them.

mkj

@ashteranic @evacide Yeah, that. "Attacker is already on the other side of the airtight hatch" a retort that makes sense in some situations, but I dare say not in this one.

Simply that the data *exists* puts it at risk. Anyone who thinks that nation-state actors or domestic abuser wouldn't LOVE to have this ability is naïve.

Same reason why I argue that in politics, just because a later government *could* do something bad (for some value of bad) doesn't mean that you should do it *for* them.

horsey

@evacide Sounds like a good time for people to start to migrate to Linux.

nonlinear

@evacide cishet white dudes have very different threat models than the rest of us

mkj

@nonlinear @evacide There are people like that who are appalled at the idea of this, too.

Because if nothing else, some people actually have empathy for others.

But such people rarely seem to make it to high-level executive positions in multinational corporations; and thus rarely get to call the shots.

Matthew Miller

@evacide

Uh, "For example, users can opt out of capturing certain websites" = "please make an intentional document attesting to the complete list of websites you are most embarrassed by visiting. what could go wrong?"

Gabriel Viso ☕️👾

@mattdm @evacide And how do I, a non-Microsoft user, opt out of any windows copilot+ owner having their recall recording me? Do I just cautionarily block all Microsoft user agents in my video calls and chat sessions?

mkj

@mattdm @evacide Pretty much. And the "private browsing in Edge will be exempt". Way to go to force people into a software choice they otherwise wouldn't make. I wonder what the EU competition watchdogs will have to say about that?

Gretchen Anderson

@evacide I’m not a hacker but this seems not true?

mkj

@gretared @evacide What is it that seems not true? (Genuine question.) Microsoft's "Recall" has been all over the tech media for the past few days, so if that's untrue, it's a dang good rug-pull on someone's part.

Sumukha S

@evacide Your employer will definitely enable this.

S4GU4R0

@evacide additionally, a lot of "hacking" is social engineering and not technical engineering as well. all someone has to do is walk away near someone they trust but shouldn't. the only thing this feature seems to help is microsoft farm data.

DELETED

@evacide this. I was thinking about this while reading the announcement.

georgebaily

@evacide and unlike every other feature in the history of computers, their thteat model is 100% accurate and "hackers" will respect it. PS ofc we back this all up to onedrive

Don Holloway

@evacide

You are right to point out domestic abuse. In addition to "the stalker inside the house" this now provides a mechanism for people with the ability to access activity data even with very limited physical access to the computer.

Kind of like putting an air tag on someone's car.

I genuinely wonder about the corporate strategist that looks at the data breaches and scrutiny that Microsoft has brought on itself and then thought 'This is a good time to announce a keylogging product!'

1 tripod in 3 trenchcoats

@evacide I find it interesting that I have been reading about this on multiple pages, and there was literally no single comment (or article) that thought this "feature" was a good idea.

What sort of plank managed to get this through internal approval at MS?

Oook

@evacide Honestly I am not sure domestic abuse is relevant in this case. If your domestic partner is abusive/malicious and has access to credentials of your devices, this is pretty much game over already regardless of the presence/absence of that feature.

Asta [AMP]

@evacide@hachyderm.io thinking about that time I watched emails disappear in real time (and later learned this was how certain email addresses were scraped)

or the time my spotify started playing a different song ("fuck you" by Lily Allen)

yep, no potential for abuse here at all.

Jax UK

@evacide

This can only have nefarious purposes. I cant imagine any practical use for the device owner at all. I have been reading the comments and thinking about all the ways these devices would still access my image or details even if I dont use a microsoft PC (I'm downloading linux TODAY - this is too far). Other microsoft devices at my bank if I call customer services, facebook friends, mastadon users reading my posts, insurance company, local council, all using microsoft devices that could potentially have access to my data and countless others.

This will make our devices the perfect spy network, and I dont believe for one second that the screenshots will not be accessed by micrsoft down the line. This is just the first step to get us comfortable with their existence.

I work from home and hope to gawd my employers dont blindly go along with this.

@evacide

This can only have nefarious purposes. I cant imagine any practical use for the device owner at all. I have been reading the comments and thinking about all the ways these devices would still access my image or details even if I dont use a microsoft PC (I'm downloading linux TODAY - this is too far). Other microsoft devices at my bank if I call customer services, facebook friends, mastadon users reading my posts, insurance company, local council, all using microsoft devices that could potentially...

Oggie

@evacide Oh they need to get physical access to the device and input passwords?

Or, and stay with me on this journey, microsoft is not a godlike being that never rolls out code with bugs. And any, ANY exploit here is going to be such a ridiculously awful fail state.

Go Up