A new discovery that the AI-enabled feature's historical data can be accessed even by hackers without administrator privileges only contributes to the growing sense that the feature is a “dumpster fire.”
Although this feature sounds helpful, it really looks like they went too far with this. They should probably look for a way to sell these Copilot+ pc’s in another way if they can’t get this secure enough and probably keep it disabled for companies…
I’m surprised they didn’t make sure that the part that should help you hide sensitive information worked well before letting the first testers get their hands on the feature. All this bad news about the future doesn’t help convince people to turn it on.
How were they supposed to test any of it, without releasing it to testers? Recall is an “Insider Preview” feature, it’s nowhere close to a final feature.
It doesn’t store screenshots, it stores text it gets via OCR from the screenshots in a SQLite database. Still one of the worst ideas these idiots ever had.
Insiders are not MS employees, though. That is also not the same as trained QA or security. You or I can join the insiders program. It is essentially public beta
Alpha is For sure more accurate. But for me that also means big security holes like that should be plugged before insider. I’m also a bit biased being a QA engineer
Although this feature sounds helpful, it really looks like they went too far with this. They should probably look for a way to sell these Copilot+ pc’s in another way if they can’t get this secure enough and probably keep it disabled for companies…
I’m surprised they didn’t make sure that the part that should help you hide sensitive information worked well before letting the first testers get their hands on the feature. All this bad news about the future doesn’t help convince people to turn it on.
How were they supposed to test any of it, without releasing it to testers? Recall is an “Insider Preview” feature, it’s nowhere close to a final feature.
From my understanding recall stored the screenshots it took unencrypted. Atleast encrypt the bloody data before releasing it to anyone outside of ms
It doesn’t store screenshots, it stores text it gets via OCR from the screenshots in a SQLite database. Still one of the worst ideas these idiots ever had.
“Insider Preview” features are proof of concept stuff, they can add encryption before the “Public Preview” version.
Doing some internal security testing for a start. QA should always have a couple passes too.
Precisely my point.
If people don’t want to be part of the internal testing, or part of the QA testing, then they shouldn’t be running “Insider” or “Preview” stuff.
Insiders are not MS employees, though. That is also not the same as trained QA or security. You or I can join the insiders program. It is essentially public beta
More like alpha. Public beta are the normal (non-Insider) “Preview” versions… then they use a staged update deployment for QA.
And yes, MS is saving a lot of money on trained employees by using paying customers as testers.
Alpha is For sure more accurate. But for me that also means big security holes like that should be plugged before insider. I’m also a bit biased being a QA engineer