Kevin BeaumontMay 21, 2024

For those who aren’t aware, Microsoft have decided to bake essentially an infostealer into base Windows OS and enable by default.

From the Microsoft FAQ: “Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers."

Info is stored locally - but rather than something like Redline stealing your local browser password vault, now they can just steal the last 3 months of everything you’ve typed and viewed in one database.

Show threadJon GreigMay 21, 2024
@GossiTheDog it’s like they got a focus group of cybercriminals together when making this
Show threadYsegrim
@jgreig @GossiTheDog I hate "cloaking password entry" like the plague. Cloaking password entry is a guarantee for insecure passwords in any environment that uses multiple or stateful keyboards or -layouts.
May 21, 2024 at 8:06pmWeb