Kevin BeaumontMay 21, 2024

For those who aren’t aware, Microsoft have decided to bake essentially an infostealer into base Windows OS and enable by default.

From the Microsoft FAQ: “Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers."

Info is stored locally - but rather than something like Redline stealing your local browser password vault, now they can just steal the last 3 months of everything you’ve typed and viewed in one database.

Show threadJon GreigMay 21, 2024
@GossiTheDog it’s like they got a focus group of cybercriminals together when making this
Show threadFi 🏳️‍⚧️May 21, 2024

@jgreig @GossiTheDog
@hacks4pancakes

Speaking from my compliance aspect, this comprehensively fails PCI and GDPR immediately and the SOC2 controls list ain't looking so good either.

Show threadeddy berthier
@munin @jgreig @GossiTheDog @hacks4pancakes this is anecdotal at this point, but it also seems to effectively disable the private browsing feature of every browser but Edge
May 21, 2024 at 7:39pmWeb