We're ready for Microsoft Recall and the automatic screenshots it takes of everything on your desktop.

Signal Desktop on Windows now includes support for a new "Screen security" feature designed to block screenshots of your Signal chats.

https://signal.org/blog/signal-doesnt-recall/

By Default, Signal Doesn't Recall

Signal Desktop now includes support for a new “Screen security” setting that is designed to help prevent your own computer from capturing screenshots of your Signal chats on Windows. This setting is automatically enabled by default in Signal Desktop on Windows 11. If you’re wondering why we’re on...

Signal Messenger

@signalapp I was quite annoyed when I heard about Recall.

You guys delivered! Thank you!

@dolanor @signalapp The real solution isn't a one-program fix, the real solution is to ditch Windows...
@Rastal @dolanor @signalapp easier said than done for corp IT fleets that are heavily invested in Windows — I agree with you but switching several thousand endpoints to a different operating system is just not cost effective. Signal understands that.
@bh @Rastal @dolanor @signalapp
being sued out of existence for leaks caused by an insecure platform isn't cost-effective either.
@dimpase @Rastal @dolanor @signalapp I’m not understanding your reply. Are you suggesting organizations that heavily use Windows could possibly be sued due to Windows Recall?

@bh @Rastal @dolanor @signalapp
organisations and businesses often have to deal with classified materials, trade secrets, privacy-related issues, etc.

Forget Recall, even using the autosave feature of recent releases of Word saves stuff to OneDrive.

@dimpase @Rastal @dolanor @signalapp agreed, which is why suggesting to ‘ditch Windows’ is not very feasible for those orgs due to the lack of auditable mobile device management systems that comply with regulatory requirements.

As far as I know, Microsoft Intune is the only MDM that runs well enough on Linux that doesn’t give a sysadmin headaches, but that’s not really moving off the platform that runs Windows.

@dimpase @Rastal @dolanor @signalapp you can change the default location of where Office saves files with group policy — no way to do that with Linux so I understand how Linux doesn’t operate the same way, but my point still stands. Changing operating systems is a nightmare.

https://support.microsoft.com/en-us/topic/what-administrators-need-to-know-about-the-new-save-experience-in-office-c1f1a8a7-967b-45b3-a9df-910fbf93311f

What Administrators need to know about the new Save experience in Office - Microsoft Support

@dimpase @Rastal @dolanor @signalapp btw I used to work at NUIT so I know firsthand what it’s like to force tenured faculty to do anything they don’t want to do… 😉

@bh @Rastal @dolanor @signalapp
This is BS. M$ tools are simply not fit for academia, or any place that has to interoperate with the larger non-M$ world out there. E.g. they actively prevent us from conducting an intelligent discussion via email.

E.g. Outlook is simply not capable of properly formatting in-text reply emails, and similarly email clients out there are not capable of dealing with the mess M$ creates in their HTML emails (thanks, M$, for giving birth to this pile of crap).

At one of my university employers they lost years of my Exchange-managed emails, 'cause even backups are not something this software renting business is capable of providing. I did have personal backups of most of them, though.

@dimpase @Rastal @dolanor @signalapp yes this is BS (that is me, my initials) and I couldn’t agree more with your sentiment to M$. I’ve hated administrating anything Microsoft owns and that is why our corporate fleet is all macOS (I work in parking now)

Also, my condolences to you and the difficult experiences you had with university IT. Lack of backups is simply unacceptable and glad you do your own. M$ Exchange is just garbage.

@bh @Rastal @dolanor @signalapp
No way?
It's trivial to set a global default location for autosave files of, say, vi, on Unix, it's in a text file in /etc, you know. M$ got to stop bragging about them being oh so sophisticated wrt user management.

PS. group policy, shmoop policy. Universities bought into M$ cause the suits were assured they can lay off IT people, and let their functions be performed by totally IT-illiterate secretaries. Over in Oxford they never managed to configure my Teams so that I can initiate calls. The M$ system tools are overdesigned, and too complex for anyone with IQ below 120 to do anything non-trivial.

@dimpase @Rastal @dolanor @signalapp agree with your point. M$ Exchange was the only way to have securely reliable email services on premise for academia. But when the cloud ☁️ appeared, then magically the cost of support and licensing for on-prem got really expensive. The shift to “hybrid” began and IT teams were forced to learn and support new technologies and M$ didn’t keep up with quality software
@dimpase @Rastal @dolanor @signalapp but now M$ is deliberately using AI to help Israel commit genocide, so we can see where their ethics are. Fuck them https://www.theverge.com/tech/672312/microsoft-block-palestine-gaza-email
Microsoft blocks emails that contain ‘Palestine’ after employee protests

Microsoft employees are reporting that emails that mention Palestine are being blocked. Microsoft has confirmed it has made some changes to its email systems.

The Verge
@bh @Rastal @dolanor @signalapp
Before Exchange got born, people were running email servers on premises just fine, I don't see what you mean by "the only way". That is M$ propaganda.
@dimpase @Rastal @dolanor @signalapp who was managing the security of those on-prem servers?
@bh @Rastal @dolanor @signalapp
hmm, do you honestly think that this is such an impossible task, manage security of on-prem servers? I am running my own email servers for over 25 years, and I don't think I ever had a security breach.
What's so complicated about it, that only M$ on their crapOS can achieve?

@dimpase @Rastal @dolanor @signalapp it's easy to self-manage and self-host for a handful of users but IT teams need to account for scalability. In theory it seems easy, but when you’re tasked with patching ~200 servers one by one, and it takes away time from your life — you really want a centralized service that can help with those efforts and with maintaining reliability and security.

what would indicate a breach of email service?

@bh @dimpase @Rastal @signalapp I don't see how patching 200 Windows on-premise servers is easier than 200 Linux on-premise servers.
I would argue the total inverse.

I'm also very sure that Gmail doesn't run on Windows Server.

And when Hotmail, which was run on BSD, if I'm not mistaken, got bought by Microsoft and they forced the switch to Exchange servers, the migration really went bad for a while.

So I don't think I agree with your point.