@GossiTheDog since they will be using Copilot to siphon data off of work and personal files to train it, knowing how many key presses happen at what time (but, hopefully not which keys) isn't the worst telemetry on Stalker11.
Top-level
@GossiTheDog since they will be using Copilot to siphon data off of work and personal files to train it, knowing how many key presses happen at what time (but, hopefully not which keys) isn't the worst telemetry on Stalker11. 2 comments
@ankitpati I know, but using that internally at MS... Everything they collect is one more vector for a blackhat to exploit, but I think (hope) they don't match those telemetry details in-house. @GossiTheDog |
@jt_rebelo @GossiTheDog Keypress + timing data can be processed to give the exact identity of the keys.
https://www.usenix.org/conference/10th-usenix-security-symposium/timing-analysis-keystrokes-and-timing-attacks-ssh