Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

Microsoft’s AI recall tool is still sucking credit card and Social Security numbers

What a week! Monday, police arrested Luigi Mangione, 26 years old and accused him of murdering UnitedHealthcare CEO Brian Thompson. Mangione’s five-day run from authorities ended after he was spotted eating at a McDonald’s in Altoona, Pennsylvania, about 300 miles from Manhattan, where Thompson was fatally shot on the morning of December 4 . – printed “ghost gun”, The model of which is known as FMDA, or “Free Men Don’t Ask”.

Meanwhile, a flood of mysterious drone sightings in New Jersey and neighboring states caused so much chaos, it quickly gained federal attention. While many people were wondering because the US military couldn’t just shoot down the dronessay the FBI, the Department of Homeland Security and independent experts the drone mystery may not be much of a mysteryand drones are probably mostly just airplanes.

As for more terrestrial threats, we are in the far right realm of “Active Clubs”, small groups of young, fitness-focused men who are steeped in extremist ideology and linked to many violent attacks. While the man who helped invent the Active Club network, Robert Rundo, was convicted in federal court this week, Active Clubs around the world are proliferating.

Finally, we investigated the treason schemes that Use tiny cameras to gain an illicit advantage in pokerand we questioned the ways humans will use generative AI to make the world a more dangerous place.

But that’s not all. Every week, we add privacy and security news that we haven’t covered in depth. Click the headlines to read the full stories. And stay safe outside.

Back in May, Microsoft jubilant announced Recall, an AI feature for some Windows PCs that silently takes screenshots every five seconds and then lets you easily search through the resulting fingerprint. Forgot where you saw a recipe online? Tapping a couple of keywords into Recall could, in theory, find the dish again. It didn’t take long for the privacy and security community find wide open holes in the function.

In response, Microsoft delayed the launch of Recall and eventually made some significant changes– such as making Recall opt-in rather than enabled by default, better encryption of the information captured by Recall, and adding authentication to access the data it has stored. Recall finally launched for some users this month.

However, this week, the recall test from Tom’s Hardware showed that a key safeguard put in place by Microsoft can also fail. With a Recall setting called “sensitive information filter” enabled, Tom’s Hardware tests found that it still took screenshots of some sensitive information, such as credit card numbers and Social Security numbers. When the publication wrote a credit card number and a username and password in a Notepad window, they were gathered in the screenshots. “Similarly, when I filled out a PDF loan application in Microsoft Edge, entering a social security number, name and DOB, Recall captured this,” Avram Piltch write. The tool, however, did not record details when they were entered into a couple of online stores.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *