Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

No link to story available

MS revamping how Recall works amid its PR nightmare

Accepted submission by Runaway1956 at 2024-06-08 14:35:14 from the MS revamping how Recall works amid its PR nightmare dept.
Security

Runaway1956 [soylentnews.org] writes:

Microsoft is revamping how Recall works amid its PR nightmare
By
Rich Woods

Key Takeaways

        -Microsoft promised groundbreaking features with Copilot+, including Cocreator and Live Captions, but Recall has become a PR nightmare.
        -Concerns about Recall being a security risk have led to backlash and panic among users due to data access vulnerabilities.
        -Microsoft has been silent on Recall issues but is finally taking action to address the security concerns and ensure user control.

One of the key complaints about Recall is that it was opt-out. In the setup experience, Windows just tells you that it's on, and lets you check a box to open settings after setup is complete. Now, you'll have to choose to turn it on during the out-of-box experience, so it's totally opt-in.

Secondly, you'll have to use Windows Hello in order to turn on Recall. The idea is that in order to access it, Windows will have to know it's you.
  Finally, Windows is going to use just-in-time decryption, meaning everything will be encrypted until you've been authenticated. Microsoft also confirmed that it's encrypted the search index database, which was one of the key call-outs in the report from earlier this week.

Microsoft also noted that all Copilot+ PCs are Secured-core, so they're designed to be secure. They have Microsoft Pluton security chips, so there's hardware-level protection going on there.
 

https://www.xda-developers.com/microsoft-recall-pr-nightmare/ [xda-developers.com]

And, all of this makes sense because we know that security chips can't be hacked, because they are secure chips, right? /sarcasm https://www.tomsguide.com/news/billions-of-pcs-and-other-devices-vulnerable-to-newly-discovered-tpm-20-flaws [tomsguide.com]

Oh yeah, the data never leaves your PC. Unless, of course, you do a backup to the cloud, right? In which case your data may be in Sri Lanka, Timbuktu, Israel, or, maybe even Ireland. And, police forces in third world banana republics never get warrants for whatever might be on the server.

The best thing Microsoft can do with CoPilot, is to deep six it. Better yet, deep six all of their "telemetry" along with CoPilot.

Original Submission