[HN Gopher] Microsoft Recall still storing credit card, social s...
___________________________________________________________________
Microsoft Recall still storing credit card, social security numbers
Author : geekinchief
Score : 137 points
Date : 2024-12-12 17:01 UTC (6 hours ago)
(HTM) web link (www.tomshardware.com)
(TXT) w3m dump (www.tomshardware.com)
| Terr_ wrote:
| > When I entered a credit card number and a random username /
| password into a Windows Notepad window, Recall captured it,
| despite the fact that I had text such as "Capital One Visa" right
| next to the numbers.
|
| That undesirable outcome doesn't surprise me at all. Even if
| someone coded up logic to look for surrounding clues that X is a
| secret, that other data ("X is a password") might only become
| available seconds or weeks later.
|
| For the foreseeable future, these idiot-savant systems
| (especially with append-only autocomplete at their core) will
| continue to be smart enough to get _into_ trouble but not smart
| enough to get _out_ of it.
| dangus wrote:
| I don't even know if this is a negative aspect of what Recall
| is intended to do.
|
| The whole point of Recall seems to be to allow you to...recall
| previous work you were doing.
|
| It reminds me a lot of whole-device backups. If you have some
| secrets in plain view then the backup itself is going to need
| to be secured.
|
| From the Microsoft website:
|
| > To use Recall you need to opt in to saving snapshots, which
| are screenshots of your activity. Snapshots and the contextual
| information derived from them are saved and encrypted to your
| local hard drive. Recall does not share snapshots or associated
| data with Microsoft or third parties, nor is it shared between
| different Windows users on the same device. Windows will ask
| for your permission before saving snapshots. You are always in
| control, and you can delete snapshots, pause or turn them off
| at any time. Any future options for the user to share data will
| require fully informed explicit action by the user.
| iAMkenough wrote:
| It's doing what Microsoft intends, but not what customers
| intend. Entering my credit card or social security details in
| a secure form should not result in it being copied to a
| different folder on my local storage or added to my backups
| without my approval.
|
| Snapshots present a new way of circumventing data protection
| implemented by other apps and websites (if it was visible on
| your screen, that data is now copied somewhere else).
|
| Yes you can delete snapshots AFTER you've determined
| something sensitive has been inappropriately captured, but
| you are not warned or prompted to do so and at that point why
| even use the feature.
| Terr_ wrote:
| > what customers intend
|
| This customer, at least, is firmly entrenched into "if I
| want you to remember something I'll _tell you_ to remember
| it" mode, which encompasses all sorts of regular
| activities like saving a document with a filename, or
| making a browser bookmark. [0]
|
| In contrast, any assistant "looking over my shoulder"
| (human or AI) needs to be trustworthy in two ways: To have
| my best interests at heart, and _also_ to correctly
| understand what they are seeing and what my intentions
| are for it. I don't think the current bleeding-edge can do
| that.
|
| [0] An exception might be automatically-kept browser-
| history, but the reason that works is because there's no
| deep semantic analysis, and the main "intent" to be
| captured is "don't record this", a use-case already
| discovered and solved with private/incognito modes.
| jazzyjackson wrote:
| Well it's just kind of silly that Microsoft is silo'd enough
| that they didn't just use data loss prevention that they've
| implemented elsewhere in the office stack. Microsoft outlook
| stops me from sending bank wire details over email.
|
| With a DLP policy, you can identify, monitor, and automatically
| protect sensitive items across:
|
| - Microsoft 365 services such as Teams, Exchange, SharePoint,
|   and OneDrive accounts
| - Office applications such as Word, Excel, and PowerPoint
| - Windows 10, Windows 11, and macOS (three latest released
|   versions) endpoints
| - non-Microsoft cloud apps
| - on-premises file shares and on-premises SharePoint
| - Fabric and Power BI workspaces
| - Microsoft 365 Copilot (preview)
|
| DLP detects sensitive items by using deep content analysis, not
| by just a simple text scan. Content is analyzed:
|
| - For primary data matches to keywords
| - By the evaluation of regular expressions
| - By internal function validation
| - By secondary data matches that are in proximity to the
|   primary data match
|
| DLP also uses machine learning algorithms and other methods to
| detect content that matches your DLP policies
|
| https://learn.microsoft.com/en-us/purview/dlp-learn-about-dl...
| ethernot wrote:
| If you start with a sieve and try and plug all the holes to make
| a bucket you're going to end up with a leaky bucket.
| jfghi wrote:
| I read that as Steve.
| fxtentacle wrote:
| I like that first comment:
|
| "Microsoft continues to have a terrible abusive relationship with
| its customers. It's what Microsoft wants, not what the customer
| wants."
|
| Yup, that pretty much sums up why I left for Linux.
| hypeatei wrote:
| Recall was the catalyst for me switching to Linux. I do not
| wish to tinker with Windows so that it doesn't feed my credit
| card information into an AI black box.
|
| Telemetry by default is unacceptable as well, but not to that
| degree.
| eGQjxkKF6fif wrote:
| Good choice.
|
| I got Ubuntu, Lubuntu, Manjaro, Endeavour, Mx Linux, Fedora,
| Red Hat, Debian, Gentoo galore. Desktop Linux has come a long
| way, and if you like true unix here let me tell you some more.
| I got GhostBSD (https://www.ghostbsd.org/) rocking MATE IDE, if
| you want lightweight Linux desktop I got LXDE, LXFC, Gnome,
| KDE, and a whole lot more.
|
| If you want true freedom, ditch the spyware and head on over to
| desktop Linux where we'll welcome you with open arms.
|
| The excuse of 'But this... and that...' let me stop you right
| there.
|
| You don't need to configure anything. Download Kubuntu and have
| fun with customizing everything in the settings.
|
| When it comes to Windows and Microsoft products the answer is
| 'No.'
|
| Keep it that way. Freedom matters.
| bilekas wrote:
| Sounds like you have some commitment issues with picking a
| distro?
|
| Or are you just trying them all out to let us know? Because
| you've named a few that are all the same family.
|
| People who are unfamiliar with Linux will look at this list
| and just ignore it as too complicated. When in reality it's
| much simpler.
| stuckkeys wrote:
| I got ubuntu desktop, I love it.
| jazzyjackson wrote:
| Gnome Fedora 41 is super pleasant and instantaneous on Apple
| silicon via Asahi. I haven't run into a single issue since
| installing, really impressive work. AFAIK thunderbolt support
| is the only thing lagging behind.
| booleandilemma wrote:
| This sums up almost all software today though.
|
| My Google Pixel continuously asks me if I want to enable photo
| backup.
|
| Uber Eats continuously asks me to enable notifications.
|
| I tell the software no, again and again, day after day, and it
| keeps prompting me.
|
| Most software I use is like this, it seems to be inescapable.
| tdeck wrote:
| > My Google Pixel continuously asks me if I want to enable
| photo backup.
|
| Google Photos does this on non-Pixel android phones too. Many
| times when I open the gallery app I'm confronted with a
| dialog where the backup checkbox is enabled and there's a
| continue button. It's like Google is trying to trick me into
| enabling it. This is an incredibly user hostile design. One
| day I will do it by mistake.
|
| I mentioned this to a friend once and he said his kid got
| ahold of his phone for a few minutes and did enable it,
| causing a massive upload that put his Google account over
| quota. Of course it's a huge hassle to go through and unsync
| the photos without deleting them from the device.
| GauntletWizard wrote:
| To be devil's advocate: if they didn't push this so
| aggressively, the news would be flooded with stories about
| how Google lost Grandma's photos, and iPhone users don't
| have this problem (because apple silently enables it, not
| even giving you a choice).
| tdeck wrote:
| After the first and second time I decline this, what's
| the justification for asking me again? They could at
| least have a "don't ask again" checkbox.
| davidcbc wrote:
| You can disable icloud syncing for photos
| bobim wrote:
| Ok it's enabled by default on iPhones, but once disabled
| it stays disabled. What is silently enabled exactly?
| davidcbc wrote:
| > Google Photos does this on non-Pixel android phones too.
|
| The iOS app as well
| prmoustache wrote:
| Why do you guys keep using it then? I am currently a
| grapheneos user but even when I was using android
| smartphone with manufacturer's provided rom, I would just
| disable apps I don't want to inadvertently use. Main apps I
| was using at the time were the "simple mobile tools" (now
| fossify) apps.
| jazzyjackson wrote:
| jinx! yes I'm happy with fossify too, thinking about
| taking a day to unlock my bootloader and put graphene on
| my xperia, but something was stopping me before... maybe
| the banking apps that refuse to run on a modified
| bootloader? But really I don't need to be banking on my
| phone. I think there are some proprietary video codecs I
| was afraid of losing.
|
| Only other hurdle to open source nirvana is OsmAnd is not
| as slick and smooth as Google Maps. I spent a few days
| acclimating to it and once downloading the gigabytes of
| address-data-to-GPS-coords I could start enjoying offline
| navigation, but when it comes to finding local
| restaurants and whether they're open it's hard to beat
| the Goog.
| bravetraveler wrote:
| I can't be bothered to set up things again or even
| refresh login sessions _[to gain Graphene]_. Simpler to
| disable Photos and use Gallery instead. Eyeroll.jpg
| jazzyjackson wrote:
| Fossify Gallery is a very nice default photo viewer and
| basic editor for android. I have google photos disabled.
|
| https://github.com/FossifyOrg/Gallery
| sitzkrieg wrote:
| and by no you mean the special, "maybe later" that every
| software loves to use
| Symbiote wrote:
| It sums up proprietary software.
|
| FOSS software does not have these misfeatures.
| KaoruAoiShiho wrote:
| Ironically Recall is what made me go back to windows.
| macspoofing wrote:
| >Microsoft Recall screenshots credit cards and Social Security
| numbers, even with the "sensitive information" filter enabled
|
| Because PII detection is a probabilistic exercise. You _will_
| miss things.
| chawco wrote:
| While I agree as a whole, there are parts that are easily
| captured even with some small false positive rate, like credit
| card numbers. I do think it's acceptable to do PII detection
| probabilistically for some classes of identifiers/quasi-
| identifiers, because you can't really do any better without
| crazy false positive rates, things like credit card numbers
| have enough structure that it's more work to do it entirely via
| an ML model with a higher chance of failure, versus just
| building a simple heuristic for it.
|
| Add to that the fact that missing a credit card number is way
| higher stakes than missing something like a zip code, you can
| understand why something like this is just not acceptable in a
| product like this, with the resources Microsoft has at their
| disposal.
| kiratp wrote:
| Specifically regarding credit card security, it's not really my
| problem is it? It's the bank's problem.
|
| The law makes it so.
| HideousKojima wrote:
| Doesn't make it not a pain in the ass to resolve if your card
| information is stolen.
| drdaeman wrote:
| Stolen how? I don't get the fuss.
|
| Please correct me if I'm wrong, but IIRC Recall is opt-in and
| keeps data on-device, and doesn't share it with any other
| systems or parties. And if one's device is compromised,
| they're screwed either way (keyloggers, password managers'
| data, etc), so while Recall data can be an interesting
| target, it's not like it's some game changer. I could be
| wrong, but I believe first iteration was user-accessible
| SQLite3 database (which was an issue), but Microsoft had
| tightened the permissions and isolated those files, so AFAIK
| it now requires additional authentication to access. I don't
| currently use Windows, so I can't really check, but that's
| what I've read.
|
| If something is opt-in, local-only and partitioned away
| (inaccessible to regular-user processes to avoid easier abuse
| by malware and exploits) that sounds like a decent privacy-
| respecting option to me. There are plenty of crappy anti-user
| moves Microsoft had pulled with Windows, but Recall doesn't
| seem like one to me.
|
| Unless, of course, they're forcing this on people (like how
| they aggressively do with Edge and OneDrive), or pull this
| data somewhere despite saying they don't do it, etc etc.
| HideousKojima wrote:
| >Recall is opt-in
|
| For now, until Microsoft decides to silently enable it in an
| update like they already do with all of the telemetry and
| similar features in Windows 10 and 11. Barring a _legally
| binding_ promise that they will never reenable it without
| consent they are not trustworthy enough to believe on this.
|
| >And if one's device is compromised, they're screwed either
| way
|
| With Recall the level of screwed we're talking can be
| significantly higher, because the kinds of information that
| can be captured are things that wouldn't necessarily be
| captured by other methods (and Recall will have been
| capturing data from _before_ the computer was compromised
| too).
|
| >but Microsoft had tightened the permissions and isolated
| those files, so AFAIK it now requires additional
| authentication to access
|
| Which, as you yourself already mentioned, would be trivial
| to access because you can already put a keylogger or
| similar on the device to get what you need to access the
| Recall files.
| drdaeman wrote:
| > For now, until Microsoft decides to silently enable
|
| Sure. And that's quite possible and something to be aware
| of. But can we agree that in its current state, it's as
| privacy respecting as it could be?
|
| > the level of screwed we're talking can be significantly
| higher, because the kinds of information that can be
| captured are things that wouldn't necessarily be captured
| by other methods
|
| The only difference it makes is immediately after the
| machine is compromised. Then - yes - after you get
| elevated privileges, you immediately have more
| information for malware to sweep. However, I've read that
| typical malware quietly lives on machines for a while -
| for months or even years. It can do its own screen
| recordings just fine, so it's all the same in the long
| run.
|
| Let's not forget that Recall is not some malware forced
| on unaware people, but a legit opt-in feature with a
| reasonable use case - remembering things when our memory
| fails us. One can analyze this risk and make an informed
| decision if benefits overweigh the risks or not.
|
| I have no love for Microsoft or any other big
| corporations, but I feel like defending this particular
| feature, because I do have some love for transhumanist
| ideals, where machines enhance and improve our
| capabilities - and it's one of those things I would like
| to have for myself. As long as Microsoft doesn't move
| away from opt-in and clear language, I'm on their side
| because they did it right (by my book) this particular
| time. But - of course you are correct - a caution is
| warranted (and that's why I don't use Windows, huh).
| a0123 wrote:
| > Please correct me if I'm wrong, but IIRC Recall is opt-in
| and keeps data on-device
|
| I read this and I think: are you the only person on Earth
| to never have used a Microsoft product?
| drdaeman wrote:
| I'm sorry but I do not fully understand what you're
| trying to say.
|
| I have used Microsoft products. I have a Windows VM, and
| an old Windows laptop somewhere. I have no love for
| Microsoft, and am perfectly aware they can do user-
| hostile things. Yet, when analyzing something, I'm trying
| my best to avoid biases and remain neutral and detach
| from my feelings (or propaganda/ragebait/memes/whatever
| you call it) when I'm thinking of something. And this
| particular time, for this particular feature, so far, I
| believe they did alright.
| nhinck2 wrote:
| Microsoft notoriously enables and re-enables features on
| patching regardless of the user's preferences.
| ibeff wrote:
| If you believe that Microsoft is stealing Recall data
| behind its users' backs do you also believe Microsoft is
| stealing any or all of the files stored on Windows
| devices belonging to billions of personal and business
| users? If Microsoft isn't doing that could it be because
| that would be suicidal from a business perspective?
| HideousKojima wrote:
| I don't believe they are proactively stealing user files,
| but they absolutely put in backdoors for the NSA and
| other western intelligence agencies to exploit at will
| (and I'm sure non-western agencies do it too any time
| they can discover them).
| pdpi wrote:
| > Specifically regarding credit card security, it's not really
| my problem is it? It's the bank's problem.
|
| Replace "problem" with "legal liability" and you're probably
| right. It's still very much your problem, though.
| tpxl wrote:
| Nope. If you give out your cc info, and it gets abused, the
| liability is on you.
| drdaeman wrote:
| That's if you _willingly_ give out your card information? If
| you pull out your card and someone unauthorized looks behind
| your shoulder (or, more accurately, looks at a camera
| recording and sees your card in there), it doesn't make them
| authorized somehow.
| pluc wrote:
| Have you ever been on the phone with a bank? Any bank? Banks
| don't lose. If this goes mainstream, you can bet there will be
| limiting legislation lobbied by banks to reduce their liability
| in the first week.
| teeray wrote:
| No, it's "Identity Theft." The con the bank uses to shift
| liability back to you.
| lesuorac wrote:
| Well at first it's the bank's problem.
|
| If you end up with a large history of causing problems for
| banks they will drop you as a customer and it becomes your
| problem.
| brunoqc wrote:
| Can we disable recall?
| _joel wrote:
| Don't use windows?
| drdaeman wrote:
| Sure, just... don't enable it? Last I've heard, it's opt-in.
| pavel_lishin wrote:
| It sure is today!
| alkonaut wrote:
| Specifically for credit card numbers those should be easy to
| detect as they are a specific format.
|
| But generally for PII, passwords etc there is no way to know when
| something is or isn't secret or sensitive so either you should
| accept that the recordings are protected enough or just not
| record.
|
| Did this controversy arise from Microsoft first assuming that the
| "recordings are safely stored" would be enough but then public
| reception was negative and now they are trying to "fix" it?
| solarkraft wrote:
| They could have prevented a lot of the backlash by not forcing it
| on people.
| spogbiper wrote:
| who did they force it on?
| JohnMakin wrote:
| The fact it is on your machine at all and cannot be removed
| means it is forced. The fact that it is for now opt-in is
| irrelevant; windows is well known for enabling features
| without user permission that were previously not.
| int_19h wrote:
| The initial iteration (that was scrapped) was opt-out rather
| than opt-in.
| araes wrote:
| How is this even possibly a valid software pattern to enable on
| normal users?
|
| Regularly capturing screenshots of their entire desktop, that 90%
| of users likely do not comprehend, and obviously associate with
| malware behavior. Screenshots. They're not even capturing the
| forms, or the specific input data. Taking entire desktop pictures
| of typing on Notepad.
|
| Using a software that's difficult to tell whether it's installed.
| And then it keeps the credentials, makes it difficult to tell
| whether they've been stored, what info has been stored, whether
| they've been deleted correctly, and makes it difficult for the
| actual computer user to even access the stored images.
|
| > The screenshots appear to be files in a subfolder called
| AsymStore. I couldn't open those either and I tried to open
| them as PNGs, BMPs or JPGs. Perhaps hackers will figure out
| how to open these files, but as far as I could tell, a typical
| user can't open them outside of the Recall app.
|
| This reads like a virus pattern.
|
| Several notable examples of malware, creepware, Remote Access
| Trojans (RAT) that do almost this exact activity: Agent Tesla
| [1], Dark Comet [2], Bifrost [3], and just the general category
| of Remote Access Trojans [4]. Corporate malware.
|
| [1] https://en.wikipedia.org/wiki/Agent_Tesla
|
| [2] https://en.wikipedia.org/wiki/DarkComet
|
| [3] https://en.wikipedia.org/wiki/Bifrost_(Trojan_horse)
|
| [4] https://en.wikipedia.org/wiki/Remote_desktop_software#RAT
| drdaeman wrote:
| It would be, if it would be stealthily enabled, unbeknown to
| machine owner. That - and _not_ the fact it records screen - is
| what differentiates malware from legit software.
|
| It is opt-in, which makes it equivalent of user explicitly
| setting up a camera to record their work, for a well-intended
| ability to review those recordings if they need to recall
| something.
|
| If we'll start saying that end-users are somehow incapable of
| comprehending what screen recording means, then we're basically
| giving up our agency and arguing we need a nanny. I sincerely
| hope we don't. Like, literally, it's a screen recording, anyone
| with a working brain (no matter whether they're technically
| literate or not) should be able to tell what consequences -
| positive and negative it would have.
|
| I found a screenshot - the opt-in prompt literally says "Allow
| Windows to save snapshots of your screen?" If that's not clear
| or comprehensible, I don't know what is. People who are caught
| by this must simply ignore and not read what it says on the
| screen.
| araes wrote:
| Maybe if it did something very specific you had to set up.
| Maybe. "You're using Microsoft Edge, would you like to record
| your (specific) usage of passwords, personal data, and form
| entries?" (that can be found encrypted (here) if you're
| interested)
|
| Not some large scale screenshot operation. The issue is with
| taking "snapshots of your screen" with no real knowledge of
| what is even going to be worked on or recorded afterward. How
| horrible are the identity theft issues? (BS non-threats
| requiring logins: social blab / news website account with no
| money attached, Normal dangerous stuff: credit card use
| (cancel/contest), Somewhat rare: bank accounts (long bank
| fight), Rare and dangerous: scanned federal IDs (endless
| nightmares with the feds)) It even makes the task a greater
| difficulty because there's so little specificity about what's
| being recorded or what form the recorded information is going
| to take. And the results are notably spotty like the article
| mentions.
|
| Also, 95% users. [1] "Across 33 rich countries, only 5% of
| the population has high computer-related abilities, and only
| a third of people can complete medium-complexity tasks" Even
| if we put this in the "only Poor and Terrible skill users
| would fail" that's still ~50% of the population.
|
| How many click through stuff with "Yet another BS alert to
| get rid of. Go away, I want to actually use my computer." The
| WWW has long ago deadened most to annoying spam popup
| authorizations.
|
| [1] The Distribution of Users' Computer Skills: Worse Than
| You Think:
| https://www.nngroup.com/articles/computer-skill-levels/
| ghelmer wrote:
| I'm not apologizing for MS, and I have no idea what PII
| protection Recall actually has. If Recall does have real PII
| logic, it should recognize that legitimate VISA payment card
| numbers must start with '4' + be 16 digits in length, and AmEx
| cards must start with '34' or '37' + be 15 digits in length;
| also, the LUHN algorithm must be satisfied over the card digits.
|
| With Recall, it seems false positives for PII-type protection
| rules would be more acceptable than false negatives. But with the
| negative press already around the technology, I'm not sure it
| will ever gain acceptance.
| Rygian wrote:
| There are card numbers that don't satisfy Luhn.
| drdaeman wrote:
| I'm really curious now - which cards don't conform?
|
| I always thought it's basically an industry standard and no
| network issues cards that don't have a correct checksum.
| ceejayoz wrote:
| https://stackoverflow.com/questions/7863058/does-the-luhn-al...
| has a list.
| drdaeman wrote:
| Wow, thank you. TIL!
| johnklos wrote:
| If there isn't a law yet, there should be: if something can be
| done incorrectly, Microsoft will do it incorrectly multiple ways.
|
| Granted, we're a somewhat technical bunch here, so I have to ask:
| do regular people not know that Microsoft is so bad at security
| and self awareness that they literally _can't_ do something like
| protect users from their own products? Do people still think,
| "Oh, well - 80% of the world can't be wrong"?
|
| I bet they're going to make it exceedingly difficult to disable
| or uninstall, like Edge, once it becomes a mandatory part of
| Windows, aren't they?
| weikju wrote:
| > Do people still think, "Oh, well - 80% of the world can't be
| wrong"?
|
| Yes and "if they're so big they must be doing something right"
|
| And "if they did something wrong the govt would come down on
| them"
|
| And "they already have all my data anyway so who cares?"
|
| I've heard all of those and more.
| nerdjon wrote:
| Honestly at this point did they actually bother to make something
| specifically built and trained to remove sensitive data or did
| they just modify a system prompt to "Don't save possibly
| sensitive data like credit card numbers" and hope that an LLM
| could magically handle this properly?
|
| Why do I have a feeling it's the latter given all of the other
| issues around this entire thing.
| sitzkrieg wrote:
| i will never move off windows 10 LTSC :-)
| josefritzishere wrote:
| Worst product ever. I think Microsoft's "telemetry" initiative
| has acclimated them to the point where they're just making naked
| malware features now.
| doright wrote:
| I find it interesting that searchable history of computer
| activity is a problem with enough interest that independent
| developers have worked on solutions themselves, some of them open
| source. But a company like Microsoft ought to have much more
| resources such that they can fix these edge cases or realize they
| can't fix them all and design the service accordingly.
|
| So I guess my question is: is a company as big as Microsoft that
| approaches this problem space doomed to fail from the start,
| because of the perception issues? Would this be any different if
| say Apple had developed a Recall alternative and they also found
| it impossible to censor credit card information in an arbitrary
| Notes window someone whipped up as an edge case, like in the
| article? Or could a stricter (outward) stance on privacy make it
| palatable again?
|
| Suppose if everything were assured to be kept under enough layers
| of encryption and the data wasn't synced online at all, would
| storing a credit card number surreptitiously captured on my
| computer be seen as much better if it's Microsoft/Apple I have to
| trust to engineer their AI recall feature in a secure manner?
| alt227 wrote:
| I never heard anything bad about https://rewind.ai which was
| launched exclusively on Mac before Recall was, in fact it was
| praised.
| int_19h wrote:
| As a third party app, most people haven't even heard about
| Rewind.
|
| Recall, by virtue of being a core OS feature - and the one
| enabled by default at that - got a lot more coverage.
| luma wrote:
| One major difference would be in how it is distributed.
| Rewind is an app you go find, install, and deploy. Not a lot
| of concerns around consent there.
|
| Building it into the OS, potentially default on, is the same
| sort of technology. It's not the same sort of consent.
| leptons wrote:
| I do not want Microsoft snooping everything I do, I don't
| trust that they won't do it either intentionally or not,
| and it's the main reason I'm leaving Windows across all of
| my systems after 3 decades. It's all just too much.
| btown wrote:
| EDIT: I may have spoken too soon on the below; I checked
| myself, and the journalist's test card numbers in the OP do
| not, in fact, pass the Luhn algorithm! So perhaps some grace is
| deserved. But I'm preserving my comment below, if anything to
| be illustrative of how companies should approach this, and that
| if you want your product to be secure from criticism from
| journalists who don't know how to make test credit card
| numbers, you should possibly use even more robust approaches
| than what one random person on HN comes up with in real time.
|
| ===
|
| But these are incredibly solvable problems! If a series of
| digits on screen passes the Luhn algorithm
| (https://en.wikipedia.org/wiki/Luhn_algorithm), or matches
| AAA-BB-CCCC, prevent that screen/area from being captured! And
| Microsoft literally owns the code for
| https://docs.github.com/en/code-security/secret-scanning/int...
| for determining other high-entropy secrets.
|
| We're not nearly at the level of https://xkcd.com/1425/ - and
| even that canonical example has been entirely solved by now.
|
| The problem isn't that these things are fundamentally
| impossible. And the problem isn't even that Microsoft decided
| speed to market was more important than safeguarding their
| users' data - I get speed to market!
|
| The problem, allegedly, is that Microsoft said these things
| were fixed without actually fixing them [EDIT: see above], and
| didn't think that their users' data was important enough to
| assign a red team or even an empowered SDET to do even the
| simple tests this journalist did before making that
| announcement.
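
The checks described by ghelmer and btown above (Visa/AmEx prefix and length, Luhn, the AAA-BB-CCCC shape), sketched as an added example; it is not code from the thread, the article or Recall, and the function names, the `require_luhn` switch and the sample text are constructed for illustration. Format-only card matches are kept as their own class because, as the thread notes, the article's test numbers and some real cards fail Luhn.

```python
import re
from dataclasses import dataclass

# 13-19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")
# The AAA-BB-CCCC shape mentioned in the thread.
SSN_RE = re.compile(r"(?<![\d-])\d{3}-\d{2}-\d{4}(?![\d-])")


@dataclass(frozen=True)
class Finding:
    kind: str   # "card-luhn", "card-format-only" or "ssn-format"
    brand: str  # "visa", "amex", or "" when unknown / not a card
    start: int
    end: int


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def brand_of(digits: str) -> str:
    """Prefix/length rules exactly as stated in the thread."""
    if len(digits) == 16 and digits.startswith("4"):
        return "visa"
    if len(digits) == 15 and digits[:2] in ("34", "37"):
        return "amex"
    return ""


def find_sensitive(text: str) -> list:
    """Return findings sorted by position in the text."""
    findings = [Finding("ssn-format", "", m.start(), m.end())
                for m in SSN_RE.finditer(text)]
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        brand = brand_of(digits)
        if luhn_ok(digits):
            findings.append(Finding("card-luhn", brand, m.start(), m.end()))
        elif brand:
            # Right shape for a known brand but bad checksum: a typo,
            # a made-up test number, or a card that does not use Luhn.
            findings.append(
                Finding("card-format-only", brand, m.start(), m.end()))
    return sorted(findings, key=lambda f: f.start)


def should_skip_snapshot(text: str, require_luhn: bool = False) -> bool:
    """Decide whether on-screen text should suppress a capture.

    require_luhn=True models a filter that trusts only the checksum;
    the default also acts on format-only matches, accepting more
    false positives to avoid false negatives.
    """
    hits = find_sensitive(text)
    if require_luhn:
        hits = [h for h in hits if h.kind != "card-format-only"]
    return bool(hits)


def redact(text: str) -> str:
    """Mask the digits of every finding; overlapping spans are safe."""
    chars = list(text)
    for f in find_sensitive(text):
        for i in range(f.start, f.end):
            if chars[i].isdigit():
                chars[i] = "#"
    return "".join(chars)


# Constructed sample of OCR'd screen text (well-known test numbers only).
SAMPLE = (
    "Capital One Visa 4111 1111 1111 1111 exp 01/30\n"
    "typo'd card: 4111-1111-1111-1112\n"
    "Amex 378282246310005\n"
    "SSN 123-45-6789\n"
    "order id 20241212170101\n"
)

if __name__ == "__main__":
    for f in find_sensitive(SAMPLE):
        print(f.kind, f.brand or "-", (f.start, f.end))
    print(redact(SAMPLE))
```

A 13-19 digit run with no known brand is still reported when it passes Luhn, so roughly one in ten arbitrary numbers of that length will be flagged; that is the false-positive cost of the lenient policy.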
| therein wrote:
| Even if you trust Microsoft not to keep it, not to access it
| and index it on their cloud, and even if they were kept
| encrypted and local, it is still searchable and index is
| available on runtime. So you have yet another process that has
| this unencrypted in memory. Great target for malware no matter
| what.
| sydbarrett74 wrote:
| My plan is to run HardenedBSD for most things, MacOS for games,
| and Windows for anything that absolutely won't run otherwise.
| Nadella has shown his contempt for power users way too often.
___________________________________________________________________
(page generated 2024-12-12 23:01 UTC)