this post was submitted on 04 Jun 2024
664 points (98.7% liked)
Technology
59429 readers
3432 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Please go through the FAQ section of the git project. It's an eye-opener.
I doubt that. It’s preinstalled and enabled for personal users.
Even if it is enabled by default on pro/enterprise, there will probably be a group policy to disable it.
It feels like this was intended for buisnesses to monitor for phrases on your screen like "coolmath games unblocked free"
or to extract and upload a summary of what happened every second of every day to the server defined in the group policy.
I doubt it. There are plenty of tools that already do this if that was what they wanted, they’d just model it after those. Storing it locally isn’t how such tools usually work, they get shipped off to a remote server for ingestion.
It's worst than that (as bad as this is)...
Today getting some data on a user is bad as smart hackers can put together the context ... However any guessing the hacker has to do may alert the user before the hacked data can successfully be exploited
Now, a hacker would know exactly where each password goes and worse, they'd could learn the entire workflow of internal systems to successfully imitate a trained user...
This means the hacker could use the stolen bank data and legitimately issue credit cards to anyone they want (for example)
It's no longer "we'll expose some data", now it's "we can use this data to infiltrate your systems and wreak havoc in whatever way we want"