Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned

jeffw@lemmy.world · 1 month ago

Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned

gravitas_deficiency@sh.itjust.works · edit-2 1 month ago

It’s entirely a nonstarter for entire fucking industries. That’s not hyperbole. I work in one of them.

Edit: scratch that - If any infosec team, anywhere, in any industry, at any corporation or organization, doesn’t categorically refuse to certify for use any system that is running MS Recall, they should be summarily fired and blackballed from the industry. It’s that bad. For real: this is how secrets (as in, cryptographic) get leaked. The exposure and liability inherent to this service is comical in the extreme. This may actually kill the product.

E2: to the title’s implication that such trust can be earned: it kinda can’t. That’s basically the point of really good passwords and secrets (private keys, basically): nobody else knows them. To try to dance around that is fundamentally futile. Also: who am I kidding, this shit will sell like hotcakes. Everyone’s on fucking Facebook, and look how horrifically they exploit everyone’s data for goddamn everything. This isn’t much worse than that to the average mostly-tech-illiterate consumer.