2024-6-14 22:48:54 Author: securityboulevard.com(查看原文) 阅读量:3 收藏
Redmond realizes Recall requires radical rethink.
As you might recall, last week we said Microsoft Recall is a privacy disaster. And now, Microsoft has had to pull the flagship “AI” feature of its shiny new “Copilot+ PC” brand.
At the 11th hour, Redmond saw it had some nasty security implications, which couldn’t be tweaked in time for next week’s release of new ARM PCs. The embarrassing U-turn came at the same time as Congress grilled Microsoft vice chair and CLO Brad Smith about whistleblower accusations of slack security.
Egg, meet face. In today’s SB Blogwatch, we wonder why now.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: First seconds.
Copilot Plus? More Like Copilot Minus
What’s the craic, Zac? Mr. Bowden reports: Microsoft postpones Windows Recall after major backlash
“Serious concerns”
In an unprecedented move, Microsoft has announced that its big Copilot+ PC initiative that was unveiled last month will launch without its headlining “Windows Recall” AI feature next week. … This means these new devices will be missing their headlining AI feature at launch, as Windows Recall is now delayed indefinitely.
…
The feature, which captures snapshots of your screen every few seconds, was revealed to store sensitive user data in an unencrypted state, raising serious concerns among security researchers and experts. … Windows Recall was the big headlining AI feature that was supposed to drive sales of Copilot+ PCs.
Finally! But why now? Sam Sabin reads between the lines: Microsoft delays Recall
“Mounting scrutiny”
This is the first major test of Microsoft’s new cultural shift to make cybersecurity and privacy a top priority on all teams. … Microsoft president Brad Smith promised lawmakers during congressional testimony … that the company will start to prioritize security over fast product development — and that promise also extended to the Recall feature: Cybersecurity “is more important even than the company’s work on artificial intelligence.”
…
Microsoft has faced mounting scrutiny over the feature in both Washington and Silicon Valley — with security and privacy experts warning it could accidentally expose confidential materials, passwords and other sensitive data. … Following initial concerns, Microsoft made Recall an opt-in feature last week and added new secure login requirements.
Horse’s mouth? This ridiculous PR spin was ghostwritten in Pavan Davuluri’s name:
“We remain grateful”
We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security. … Our Secure Future Initiative … is reflected in additional security protections we are providing for Recall content, including “just in time” decryption protected by Windows Hello.
…
We are on a journey to build products and experiences that live up to our company mission. … We remain grateful for the vibrant community of customers who continue to share their feedback with us.
Splorf! ulfw can’t believe their eyes:
What are MSFT Product Managers doing these days? This was one of the worst launches in recent years.
Has Microsoft fallen victim to AI panic like Google has? Do people dare to speak up and say no to Satya and Sundar?
What indeed? CousinSven offers this insight:
Microsoft is heading back to the Ballmer era of competing silos with little to no strategic alignment or oversight. Or, for youngsters, Pichai-era Google.
…
Recall [is] going to be banned from all corporate devices—you would have to have an [huge] risk appetite as a CIO to install it. But it also kills the market for … CoPilot+ devices stone dead. You don’t buy machines with a built in attack vector like Recall. AI has driven the tech world insane.
Should Microsoft do something different instead? Here’s MrElectrifyer:
Good. Delay it to infinity and beyond. It won’t be missed.
…
Instead of this 24/7 spyware solution, simply fix Windows to properly remember all the File Explorer tabs, apps and files you had open before a system restart — as is expected from the … ”Restore Previous Folder Windows at Log-on” option and the … ”Automatically save my restartable apps and restart them when I sign back in” option.
O RLY? simonlb agrees:
I still don’t understand why. What value does Recall add to the OS? … Who even thought it was a good idea?
If Microsoft were actually paying attention and wanted to do something useful, they’d be:
— Fixing the broken Start menu
— Removing all telemetry and adverts
— Making local search the default, with web search an option … if you want it.
OK, but can we get back to the topic in hand? SuperKendall calls Recall “fundamentally bad:”
Let’s say they encrypt that data properly — who is going to want or trust this snapshot feature to begin with? There is no case where I want every single thing I am doing captured constantly. I am dealing with secure client stuff sometimes, banking stuff other times, I don’t want anything on my screen recorded ever unless I turn on screen recording.
The whole feature simply needs to be dropped. It’s crazy to me this made it to the stage where it was developed into a final product!
Meanwhile, with their glass half full, Daishi sees the silver lining:
And all it took was a massive outcry from external security researchers, the media and the public: The system works.
And Finally:
How does this channel only have 1,620 subscribers?
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
Image sauce: Daniel Aleksandersen (cc:0; leveled and cropped)
Recent Articles By Author
如有侵权请联系:admin#unsafe.sh