Q. Is this really as harmful as you think?
A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There’s no way this implementation doesn’t end in tears — there’s a reason there’s a trillion dollar security industry, and that most problems revolve around malware and endpoints.
No, I don’t think “everyone will get hacked or something”, don’t put words in my. I mouth for the sake of your argument.
What it is, and this is undeniable, is a massive fucking privacy and security hole if someone gains control of your computer.
I didn’t want to put words in your mouth, but wanted to clear up where each of us stand so there is no missunderstanding.
If somebody gains control of your computer today, that’s a massive privacy and security hole in itself.
If you didn’t want to put words in someone’s mouth then you shouldn’t have said something like
Oh a knight in shining armour trying to defend my dialogue partner?
Did you ask anyone needed defense? Because I’m pretty sure they don’t.
If you read carefully I wrote “or something” at the end implying that I don’t know exactly what they believe. It was not that subtle of invitation for them to agree with my first assessment or correct me. I will try to be really blunt in the future, so that you don’t missunderstand again.
? I’m not defending anyone, I’m calling out bullshit when I see it
I don’t really care that you like watching kids through their bedroom windows or whatever
If that doesn’t accurately describe your views, no worries—I said “or whatever,” so it’s fine
What a dumb and petty response.
Bye.
Absolutely, but even with control of your computer, if you’re smart, other accounts etc will still be inaccessible by the attacker.
Not when they get access to the Windows built in desktop spy saving everything it sees.
Not if it’s encrypted and if sensitive information is not saved.
Main point is still that gaining control of someone’s computer against their will is practically impossible today. If someone manages to do it, they already have your files and all the sensitive information they could want. They won’t even bother with this recall. And if you are worried about it, you will be able to just turn it off.
Much ado about nothing.
“If sensitive information is not saved” is doing a lot of heavy lifting for you there. The issue is that it saves everything.
But it doesn’t save completely everything. It does snapshots as far as I understand. So it’s unlikely a whole password would be there on a snapshot. And again, it had to be mentioned that anything can be excluded from recall or disabled completely.
At this point it has to be again highlighted that gaining access to a computer is very hard and that in itself is game over scenario. More information can be gained from a keylogger than this recall feature.
A keylogger isn’t retroactive to before the keylogger was installed though. Recall is. Also, with Recall you don’t need to write keylogging software and get it past antimalware scans (and keep it from getting detected), you just have to get an infostealer past them one single time to take the Recall database.
It’s very unlikely you could get the password from recall