• Hirom@beehaw.org
    link
    fedilink
    arrow-up
    21
    ·
    edit-2
    5 months ago

    Not surprising. If there’s a way for a non-admin user to use this, it means there’s probably a way for a non-admin process to access the data.

    Even if if were more secure, there’s probably plenty of ways for attackers to escalate privileges to admin.

    The bigger issue is Microsoft providing an official tool for snooping on user activity. Malware won’t have to install their own, and recall taking screenshots periodically won’t be considered anomalous behaviour since it’s an official Microsoft service.

    • BurningRiver@beehaw.org
      link
      fedilink
      arrow-up
      8
      ·
      5 months ago

      recall taking screenshots periodically

      Seriously, you didn’t get through the first paragraph?

      the notion of a tool that silently takes a screenshot of your desktop every five seconds”

      Saying “periodically” is a pretty trivial way of putting it.

      Microsoft and Adobe fighting each other over who gets enshittification of the decade award. Sam Altman is probably crafting a victory speech about what chatGPT 12 might possibly be able to do, someday. The sooner all this snake oil hype crashes and burns, the better off we’ll all be.

    • psud@aussie.zone
      link
      fedilink
      arrow-up
      7
      ·
      5 months ago

      The article describes a tool that grabs the data without admin privileges, but yes, there are methods used by current malware to escalate privileges.