Microsoft should recall Windows Recall" — Security researcher finds Microsoft's new AI tool woefully insecure

TechFreak1

Moderator
May 15, 2013
4,626
19
38
Visit site
Oh boy.... I wonder who was supposed to test this feature... oh wait Microsoft axed their dedicated QA team and programmatic testers.... it's as if like erm... axing these teams was what do you call it?

Ah right, very "regrettable".... 🤦‍♂️ this was a totally expected outcome as devs cannot be expected constantly test and reiterate as there is not enough coding hours.

In another shortsighted decisions for quick shareprice boost Microsoft has caused further damage to their reputation with consumers. As unlike Apple and Google who get a free pass when it comes to data collection. Microsoft does not, as they are treated with immense skepticism and rightly so due to past behaviour.

After all Microsoft also layed off their dedicated AI ethics and society team.... I'm sure this won't be another "regretable" decision down the line /sarcasm.

Microsoft needs to rehire the testers and dedicated QA team as well as the dedicated AI ethic and society team. As reliability and trust are key fundamentals of any operating system - unlike the 90s Microsoft can not rely on the generations that grew up the push of "pcs in every household" to maintain marketplace dominance and profits.

Generations are growing up in households were Microsoft is entirely absent and it is profoundly naive to think neither Apple, Google or Amazon won't make inroads in data centre infrastructure thus further restricting Microsoft profit margins. If Microsoft does not have reliable edge devices, OEMs will go elsewhere and it's already happening as they are already experimenting with differentiating software as they have hit limits of hardware. The only logical next step beyond that is an o/s in which Microsoft will be reduced to productivity applications.
 
  • Like
Reactions: Cosmocronos

bradavon

Member
Nov 27, 2016
115
20
18
Visit site
Whilst yes it's optional, what the article doesn't state is it's On by default and the OOBE makes it unclear this is the case. It's expecting on-techhnical users to venture into Settings which they never do.

I bet Microsoft changes the Business editions of Windows so this is off by default, as for sure all IT Admins are going to disable it.
 
  • Like
Reactions: Cosmocronos

Ron-F

Member
May 20, 2014
69
25
8
Visit site
I was listening to the WP's podcast where the hosts were excited by the feature and dismissive to the early criticism regarding the security of the app. I know the boys were speaking in good faith, but it is a good thing to have caution any time a giant corporation proposes a service with potential privacy violations.

Anyway, Recall has potential, and I believe the security flaws were not result of malice but rather incompetence. I am quite sure Microsoft will get somewhat right by the third version.
 

dirtyvu

Member
Dec 23, 2010
134
6
18
Visit site
you have to look at the contrived situation that is being posited. The security expert is talking about a hacker that is already logged into the user account and thus has access to Recall data. If the hacker already has access to the system, the system is completely compromised so Recall is the least of the problems. There are many other situations that are more dangerous. Like how the vast majority of users run in administrator accounts rather than standard accounts (a more optimal security setup is where you have an admin account that you reserve for maintenance of your PC while you operate on a daily basis within a standard account which is safer because it has active UAC prompts that you can see where something is asking for elevated permissions).
 

Members online

Forum statistics

Threads
326,392
Messages
2,248,302
Members
428,486
Latest member
Yasser Lopez