evacide"...a would-be hacker would need to gain physical access to your device, unlock it and sign in before they could access saved screenshots."
I've got some news for Microsoft about how domestic abuse works.
wrosecrans... as opposed to all the would-be hackers who have never thought to try to unlock a device and sign into it, or access data without proper credentials.
It's like Microsoft is just sort of taunting hackers to try and get it broken as quickly as possible for some reason. Is this feature being implemented because somebody lost a bet, or the NSA has compromat on Nadella, or what?
@wrosecrans This feature is being implemented because there were zero survivors of domestic abuse involved the high-level decision-making.
@evacide I absolutely believe you there. But I still struggle to understand why it got implemented. There are a zillion other obvious reasons it's a bad feature that one would notice even if they weren't sensitive to that specific issue.
This is gonna have screenshots of HIPAA protected data. Trade secrets. API keys. Passwords. HR department PII. GDPR protected stuff. On and on and on.
Misuse Case@wrosecrans @evacide Nobody consulted a policy and compliance specialist about this. It’s shocking that Microsoft didn’t get input from at least one. This would violate a lot of data protection policies for many enterprise customers.
@MisuseCase If I had to guess, the feature is not compliant with Microsoft's own legal department's retention policy, and Microsoft's lawyers are about to scream about the fact that if MS gets sued, the blast radius for document discovery just exploded if they don't disable it internally.
Andrew Zonenberg@wrosecrans @MisuseCase I would be extremely surprised if this doesn't ship with a GPO to disable it.
(Also, MS not enabling group policy on consumer focused windows editions probably ranks alongside the Win8 start menu destruction as one of the worst design decisions they've ever made)
@azonenberg Sure, but the biggest risk is to people and orgs that aren't executing infosec perfectly. Ooops we had a bad password policy multiplied by ooops we left Recall's GPO default.
In a hypothetical perfect IT environment where all GPO's and such are perfectly managed, Recall probably poses little risk to start with. It's only dangerous in the real world.
@wrosecrans Yeah agreed. It's just one of 500 catastrophically horrible anti features that people will need to turn off to regain some semblance of a secure baseline.