top | item 40649770

(no title)

faeranne | 1 year ago

Ignoring the problematic details of this specific implementation (Seriously? they didn't make encryption the first thing to implement?), I think the biggest thing to remember is that, while the only sure-fire way to prevent this data from being stolen is to not record it, the likelihood some 2-bit hacker is gonna access this data goes way up when it's easy to expect it to be there.

CoPilot Recall is a massive target because if you break into a system, there would be a good chance that data is there since it was opt-out by default. open-source recall implementations are not only opt-in, but require additional overhead to install, so the likelihood that one would find this data on the drive is such a low target as to be not worth including in an automated scanner.

Remember that surface-area does matter in things like this. If you believe you're a large enough target for some amount of focus (and you might be if your involved in mid-scale open-source projects, like XZ apparently), then it's good to be cautious. If you're not that kind of target, then just remember you only need to be more complex than the average person, and something like this absolutely qualifies as "more complex".

discuss

No comments yet.