A new discovery that the AI-enabled feature's historical data can be accessed even by hackers without administrator privileges only contributes to the growing sense that the feature is a “dumpster fire.”
Not surprising. If there’s a way for a non-admin user to use this, it means there’s probably a way for a non-admin process to access the data.
Even if if were more secure, there’s probably plenty of ways for attackers to escalate privileges to admin.
The bigger issue is Microsoft providing an official tool for snooping on user activity. Malware won’t have to install their own, and recall taking screenshots periodically won’t be considered anomalous behaviour since it’s an official Microsoft service.
Seriously, you didn’t get through the first paragraph?
the notion of a tool that silently takes a screenshot of your desktop every five seconds”
Saying “periodically” is a pretty trivial way of putting it.
Microsoft and Adobe fighting each other over who gets enshittification of the decade award. Sam Altman is probably crafting a victory speech about what chatGPT 12 might possibly be able to do, someday. The sooner all this snake oil hype crashes and burns, the better off we’ll all be.
Not surprising. If there’s a way for a non-admin user to use this, it means there’s probably a way for a non-admin process to access the data.
Even if if were more secure, there’s probably plenty of ways for attackers to escalate privileges to admin.
The bigger issue is Microsoft providing an official tool for snooping on user activity. Malware won’t have to install their own, and recall taking screenshots periodically won’t be considered anomalous behaviour since it’s an official Microsoft service.
Seriously, you didn’t get through the first paragraph?
Saying “periodically” is a pretty trivial way of putting it.
Microsoft and Adobe fighting each other over who gets enshittification of the decade award. Sam Altman is probably crafting a victory speech about what chatGPT 12 might possibly be able to do, someday. The sooner all this snake oil hype crashes and burns, the better off we’ll all be.
The article describes a tool that grabs the data without admin privileges, but yes, there are methods used by current malware to escalate privileges.