this post was submitted on 07 Jun 2024
454 points (97.5% liked)
Technology
60082 readers
4271 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why on earth aren't they encrypting the database? It could have adressed much of the criticism but they just decided to leave the whole thing completely unprotected.
They encrypt the damn start menu and they cannot encrypt this?
They do?
Seriously??
Yep. Trying to maintain a consistent startmenu for computer labs with Windows 11 is annoying.
The layout is stored in an encrypted file that cannot be editted directly. You have to manually setup the start menu on one profile then copy the file to all the others. This works fine for intial deployments, but is a massive pain if you need to add any other apps later.
The old powershell commandlet for importing layouts does not work in Win11. The old group policy settings don't work either. The actual DLL calls used by the end user to manually configuring the start menu are deliberatly coded to prevent being called from a script.
It is freaky how much work Microsoft has done to prevent scripting changes to the start menu.
The only officially supported method for an IT department to manage the start menu is intune, but microsoft's device licensing for intune is a mess out folks have yet to figure out.
Ah, so user can't interfere with ads, hm?
Likely because there was too much CPU overhead decrypting and having the LLM query the Recall image database all dynamically
In the grand scheme of things, the LLM is the bottleneck, not the decryption.
I dunno, they could've kept some of it in-memory, it's just a bunch of plaintext.
It requires full disk encryption doesn't it? If someone already has access to your account then they can access this data the same way you can. The new issue here is that this silos a load of private data in one easy to grab location. Users would have to set up the filters perfectly to prevent recall capturing anything more sensitive than what's already accessible to their account. This is in a world where many users are probably storing their passwords in a Word document on the desktop.
It could be that anything you encrypt has to have its encryption key in some place inaccessible to these same hacker tools. If your computer uses Bitlocker, for instance, you need to enter a 6-digit code each time you turn it on.
Best guess, they had such a high expectation of "convenience" for this feature that they couldn't justify any kind of security key. Which is still a dumb explanation, obviously.