This raises an excellent point not considered. This goes for all texts as well if the other person uses the “your phone” app. Discord, matrix, signal, telegram etc are all compromised by this existing on a system.
Will my browser’s “private mode” be respected or it is going to store every inappropriate thing I search?
Are password managers safe? How about bank security questions? How often are those actaully obfuscated. The last 4 digits of social security numbers are usually unobfuscated, which is also what a lot of intuitions (stupidly) use to verify your ID over the phone. What if I want to look at the PDF of my tax documents?
What if my HR manager has this enabled and starts viewing PDFs containing private information about employees, payroll data, finances and whatever else is sellable on the dark web.
How about govermnet data? Sure maybe the pentagon IT staff will completely block it, but what about local gov committee ABC that’s collecting voter information?
That type of data is valuable enough that it will be targeted regardless of what protection MS attempts. Based on the fact they didnt bother encytping the data from the start, my faith is low.
Opt-in does not matter, if I message or email someone who has it on, my personal data has been collected without my knowledge or consent.
This shouldnt have been built in the first place, it’s irresponsible
This raises an excellent point not considered. This goes for all texts as well if the other person uses the “your phone” app. Discord, matrix, signal, telegram etc are all compromised by this existing on a system.
Will my browser’s “private mode” be respected or it is going to store every inappropriate thing I search?
Are password managers safe? How about bank security questions? How often are those actaully obfuscated. The last 4 digits of social security numbers are usually unobfuscated, which is also what a lot of intuitions (stupidly) use to verify your ID over the phone. What if I want to look at the PDF of my tax documents?
What if my HR manager has this enabled and starts viewing PDFs containing private information about employees, payroll data, finances and whatever else is sellable on the dark web.
How about govermnet data? Sure maybe the pentagon IT staff will completely block it, but what about local gov committee ABC that’s collecting voter information?
That type of data is valuable enough that it will be targeted regardless of what protection MS attempts. Based on the fact they didnt bother encytping the data from the start, my faith is low.
The implications of this are insane.
That’s true of any malware on your contact’s computer or an unsecure server, though. That is not specific or novel to this feature.
(I’m not saying I like this feature, or think it’s a good idea. I don’t, and it’s not)
So what you are saying is, is that it’s malware. I agree.