You can always count on someone coming along and defending the multi-trillion dollar corporation that just so happens to take a screenshot of your screen every few seconds (among many, many - too many other things)
I big demographic of HN users are people who want to be the multi-trillion dollar corporation so it’s not too surprising. In this case though I think they are right. And I’m a big time Microsoft hater.
There is no point locking your laptop with a passphrase if that passphrase is thrown around.
Sure, maybe some thief can't get access, but they probably can if they can convince Microsoft to hand over the key.
Microsoft should not have the key, thats part of the whole point of FDE; nobody can access your drive except you.
The cost of this is that if you lose your key: you also lose the data.
We have trained users about this for a decade, there have been countless dialogues explaining this, even if we were dumber than we were (we're not, despite what we're being told: users just have fatigue from over stimulation due to shitty UX everywhere); then it's still a bad default.
It only became off by default after those "daily rage sessions" created sufficient public pressure to turn them off.
Microsoft also happens to own LinkedIn which conveniently "forgets" all of my privacy settings every time I decide to review them (about once a year) and discover that they had been toggled back to the privacy-invasive value without my knowledge. This has happened several times over the years.
Daily rage is exactly what technology affine people need to direct at Microslop, while helping their loved ones and ideally businesses transition away from the vendor lockin onto free software.
AI enshittification is irrelevant here. Why is someone pointing out that sensible secure defaults are a good thing suddenly defending the entire company?
There are a lot of people here criticising MSFT for implementing a perfectly reasonable encryption scheme.
This isn’t some secret backdoor, but a huge security improvement for end-users. This mechanism is what allows FDE to be on by default, just like (unencrypted) iCloud backups do for Apple users.
Calling bs on people trying to paint this as something it’s not is not “whiteknighting”.
Yes, because object level facts matter, and it's intellectually dishonest to ignore the facts and go straight into analyzing which side is the most righteous, like:
>Microsoft is an evil corporation, so we must take all bad stories about them at face value. You're not some corpo bootlicker, now, are you? Now, in unrelated news, I heard Pfizer, another evil corporation with a dodgy history[1] is insisting their vaccines are safe...
Microsoft doesn't take the screenshot; their operating system does if Recall is enabled, and although the screenshots themselves are stored in an insecure format and location, Microsoft doesn't get them by default.
yoyohello13|1 month ago
dijit|1 month ago
How?
There is no point locking your laptop with a passphrase if that passphrase is thrown around.
Sure, maybe some thief can't get access, but they probably can if they can convince Microsoft to hand over the key.
Microsoft should not have the key, thats part of the whole point of FDE; nobody can access your drive except you.
The cost of this is that if you lose your key: you also lose the data.
We have trained users about this for a decade, there have been countless dialogues explaining this, even if we were dumber than we were (we're not, despite what we're being told: users just have fatigue from over stimulation due to shitty UX everywhere); then it's still a bad default.
nitwit005|1 month ago
Aurornis|1 month ago
> that just so happens to take a screenshot of your screen every few seconds
Recall is off by default. You have to go turn it on if you want it.
dns_snek|1 month ago
Microsoft also happens to own LinkedIn which conveniently "forgets" all of my privacy settings every time I decide to review them (about once a year) and discover that they had been toggled back to the privacy-invasive value without my knowledge. This has happened several times over the years.
lpcvoid|1 month ago
zer00eyz|1 month ago
There is the old password for candy bar study: https://blog.tmb.co.uk/passwords-for-chocolate
Do users care? I would posit that the bulk of them do not, because they just dont see how it applies to them, till they run into some type of problem.
patja|1 month ago
parliament32|1 month ago
egorfine|1 month ago
2) according to Microsoft
So, trust is not zero. It's deeply negative.
mcmcmc|1 month ago
ChromaticPanic|1 month ago
ryandrake|1 month ago
[deleted]
walletdrainer|1 month ago
There are a lot of people here criticising MSFT for implementing a perfectly reasonable encryption scheme.
This isn’t some secret backdoor, but a huge security improvement for end-users. This mechanism is what allows FDE to be on by default, just like (unencrypted) iCloud backups do for Apple users.
Calling bs on people trying to paint this as something it’s not is not “whiteknighting”.
gruez|1 month ago
>Microsoft is an evil corporation, so we must take all bad stories about them at face value. You're not some corpo bootlicker, now, are you? Now, in unrelated news, I heard Pfizer, another evil corporation with a dodgy history[1] is insisting their vaccines are safe...
[1] https://en.wikipedia.org/wiki/Pfizer#Legal_issues
LoganDark|1 month ago
pohuing|1 month ago