this post was submitted on 08 Jun 2024
467 points (96.2% liked)

Technology

60015 readers
2646 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 80 points 6 months ago (2 children)

Opt-in does not matter, if I message or email someone who has it on, my personal data has been collected without my knowledge or consent.

This shouldnt have been built in the first place, it's irresponsible

[–] helpImTrappedOnline 31 points 6 months ago* (last edited 6 months ago)

This raises an excellent point not considered. This goes for all texts as well if the other person uses the "your phone" app. Discord, matrix, signal, telegram etc are all compromised by this existing on a system.

Will my browser's "private mode" be respected or it is going to store every inappropriate thing I search?

Are password managers safe? How about bank security questions? How often are those actaully obfuscated. The last 4 digits of social security numbers are usually unobfuscated, which is also what a lot of intuitions (stupidly) use to verify your ID over the phone. What if I want to look at the PDF of my tax documents?

What if my HR manager has this enabled and starts viewing PDFs containing private information about employees, payroll data, finances and whatever else is sellable on the dark web.

How about govermnet data? Sure maybe the pentagon IT staff will completely block it, but what about local gov committee ABC that's collecting voter information?

That type of data is valuable enough that it will be targeted regardless of what protection MS attempts. Based on the fact they didnt bother encytping the data from the start, my faith is low.

The implications of this are insane.

[–] squirrelwithnut 6 points 6 months ago (1 children)

That's true of any malware on your contact's computer or an unsecure server, though. That is not specific or novel to this feature.

(I'm not saying I like this feature, or think it's a good idea. I don't, and it's not)

[–] ober9000 2 points 6 months ago

So what you are saying is, is that it's malware. I agree.