Charlie StrossJun 4, 2024

Welp, I knew Microsoft's CoPilot+ Recall was going to be a privacy disaster but I didn't expect it to turn into an enterprise computing catastrophe for Microsoft *quite* this fast!

But this can't be a one-off. Any large enterprise that has to comply with a regulated privacy environment—HIPAA in the USA, GDPR in the EU, banking/insurance/finance globally—must be considering a ban on Microsoft installations on laptop/desktop computers right now or be breaking the law.

https://infosec.exchange/@SecurityWriter/112558224281615019

Security Writer :verified: :donor: (@[email protected])

If you’re wondering how the Microsoft Recall scandal is going, I’ve just had a client tell me they’ve replaced their order for 10k Microsoft Surfaces with new MacBook Airs, at nearly twice the cost, and that we need to start the ongoing 6 month endpoint security project over.

Infosec Exchange
Show threadFrank Endrullat 🌻Jun 4, 2024
@cstross @SecurityWriter Iguess it can be mitigated up to a point by corp policies applied to devices, disabling stuff. But nevertheless it’s is a PR and privacy disaster. What were they actually thinking?? 🤔
Show threadblueorangeblue
@FrankEndrullat @cstross @SecurityWriter a lot of the rubbish that is foisted on domestic users is disabled via corporate group policy
Jun 4, 2024 at 1:20pmWeb